October 4, 2025
Daily News
U.S. Chamber seeks changes to key definitions in CISA incident reporting rule to align with congressional intent
The U.S. Chamber of Commerce argues the Cybersecurity and Infrastructure Security Agency’s definitions for “covered entity” and “substantial (or covered) cyber incident” in a proposed rule should be revised as work to continues to implement a mandatory incident reporting regime for critical infrastructure entities required by Congress.
The Chamber responded in a July 2 letter to a CISA notice of proposed rulemaking published on April 4 to implement the 2022 Cyber Incident Reporting for Critical Infrastructure Act. The comment...