April 19, 2024
Daily News
U.S. Chamber encourages CISA to seek ‘qualitative’ information in incident reports under upcoming mandatory regime
Mandatory incident reports to CISA should be focused on “qualitative’ information, according to the U.S. Chamber of Commerce, which offers a proposal for information requirements based on legislative intent in the CIRICA law.
The Cyber Incident Reporting for Critical Infrastructure Act directs CISA to establish a mandatory regime where incidents must be reported within 72 hours and 24 hours for ransomware payments. CISA released a request for information in September to gather feedback from stakeholders on implementation.
“For the...