USTelecom seeks clarity on reporting requirements, harmonization opportunities under upcoming CISA regime

USTelecom is asking the Cybersecurity and Infrastructure Security Agency to reconsider its approach to establishing a threshold for reporting incidents under an upcoming mandatory regime, in comments submitted on a notice of proposed rulemaking.

“Our industry requires more precise definitions and clear reporting thresholds. Without these, there is a real risk that, in an effort to comply with the law, the industry will report a staggering number of events that could easily overwhelm CISA’s capacity to act on the information,”...