CISA reveals new rule for reporting critical infrastructure incidents

1 min read

CISA Unveils Critical Infrastructure Reporting Rule


  • CISA issued a Notice of Proposed Rulemaking for the Cyber Incident Reporting for Critical Infrastructure Act.
  • Covered entities must report cyber incidents within 72 hours and ransom payments within 24 hours.

The Cybersecurity and Infrastructure Security Agency (CISA) has unveiled a new Critical Infrastructure Reporting Rule, known as the Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA) of 2022. Under this rule, covered entities are required to report significant cyber incidents within 72 hours of discovery, along with ransom payments within 24 hours. The rule aims to enhance cybersecurity coordination and response efforts across industry and government sectors, with CISA Director Jen Easterly emphasizing its importance in leveraging incident and ransomware payment data to detect patterns, address information gaps, and assist entities impacted by cyberattacks swiftly.

The proposed rule, estimated to cost $2.6 billion and potentially affecting over 316,000 entities, was published on April 4, 2024, initiating a public comment period until June 3, 2024. Callie Guenther from Critical Start highlighted challenges such as varying cybersecurity levels across sectors and the need for clear guidelines on defining “significant” cyber incidents. Jose Seara of DeNexus emphasized the importance of proactive preparation and risk assessment, especially in capital-intensive environments with cyber-physical assets.

Marcus Fowler from Darktrace Federal pointed out the increasing convergence of IT and operational technology (OT) in critical infrastructure providers and manufacturing companies, leading to growing cyber-physical attack risks. Guenther advised balancing the rule’s effectiveness with financial and operational feasibility, suggesting phased implementation based on entity size and sector criticality. Industry-specific risk identification and compliance flexibility were also recommended for broad protection.

Previous Story

Albania Under Attack: Coordinated Cyber Strike Targets Online Citizens Channel

Next Story

NSA tackles hybrid cloud, multi-cloud challenges in cybersecurity guide

Latest from News

US sanctions Kaspersky Lab for Russia ties

TLDR: The Biden administration announced sanctions against 12 executives and senior leaders of Kaspersky Lab, a Russia-based cybersecurity company. The Commerce Department banned Kaspersky