This article focuses on the requirements of CISA's proposed cyber incident reporting rule, the compliance requirements for covered entities and the steps entities can take to protect themselves.

Cyberattacks targeting critical infrastructure and essential services are on the rise. In response, the Cybersecurity and Infrastructure Security Agency (CISA), under the Cyber Incident Reporting for ...

We collaborate with the world's leading lawyers to deliver news tailored for you. Sign Up for any (or all) of our 25+ Newsletters. Some states have laws and ethical rules regarding solicitation and ...

The recommendations, delivered to Congress today in a report, are a requirement of the landmark Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA). Today, the Department of Homeland ...

The current cybersecurity regulatory landscape continues to evolve, and CIRCIA’s incident reporting requirements are just one of the many emerging regulations organizations will need to observe ...

CISA’s massive rulemaking will create the first US cyber incident and ransomware payment reporting mechanism that promises to radically overhaul the workloads of most cybersecurity professionals. In ...

Interviews with over a dozen CISOs, lawyers, and government officials suggest that cyber incident reporting rules are leading to increased corporate cybersecurity governance. But there's no evidence, ...

In a new congressionally mandated report, DHS acknowledges the problems faced by critical industry sectors of overlap and duplication in cyber incident reporting. In a new report, the Department of ...