CISA to Release RFI on Ways to Implement Cyber Incident Reporting
Friday, September 09, 2022 | Comments

The Cybersecurity and Infrastructure Security Agency (CISA) announced its plans to issue a request for information (RFI) soliciting public input on approaches to implementing the cyber incident reporting requirements, pursuant to the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA), which President Biden signed into law in March 2022.

The RFI will publish in the Federal Register on September 12 and provide the public with 60 days to provide their written submissions. CIRCIA requires CISA to develop and publish a notice of proposed rulemaking (NPRM) containing proposed regulations for cyber incident and ransom payment reporting for public comment and review. The RFI solicits input from the critical infrastructure community and other members of the public, and that input will inform the agency’s development of the proposed regulations.

Timely cyber incident reporting allows CISA to rapidly deploy resources and render assistance to victims suffering attacks, identify emerging threats and trends, and quickly share threat information with federal partners and network defenders to take protective action and warn other potential victims.

“The Cyber Incident Reporting for Critical Infrastructure Act of 2022 is a gamechanger for the whole cybersecurity community and everyone invested in protecting our nation’s critical infrastructure,” said CISA Director Jen Easterly. “It will allow us to better understand the threats we are facing, to spot adversary campaigns earlier, and to take more coordinated action with our public and private sector partners in response. We can’t defend what we don’t know about and the information we receive will help us fill critical information gaps that will inform the guidance we share with the entire community, ultimately better defending the nation against cyber threats. We look forward to continuing to learn from the critical infrastructure community, through our request for information and our coast-to-coast listening sessions, to understand how we can implement the new cyber incident reporting legislation in the most effective way possible to protect the nation’s critical infrastructure.”

In addition to providing the opportunity to submit written comments in response to the RFI, CISA announced it will be hosting public listening sessions across the country to receive in-person input to inform the development of the proposed regulations.

The Department of Homeland Security (DHS), which houses CISA, is also leading the newly established Cyber Incident Reporting Council, which was created by CIRCIA to better harmonize the various existing federal cyber incident reporting structures. The work of the council will inform, as appropriate, the new proposed rule.




 
 
Post a comment
Name: *
Email: *
Title: *
Comment: *
 

Comments

No Comments Submitted Yet

Be the first by using the form above to submit a comment!


Education






Events
November 2022

8 - 10
Communications Marketing Conference (CMC)
Albuquerque, New Mexico
https://cma-cmc.org/

15 - 16
Wireless Leadership Summit (WLS)
Tucson, Arizona
https://www.enterprisewireless.org/wls

March 2023

27 - 30
International Wireless Communications Expo (IWCE) 2023
Las Vegas
https://iwceexpo.com

More Events >

Site Navigation

Close