CISA teases cyber incident reporting rule for critical infrastructure


Financial businesses and other critical infrastructure entities would have to report significant cybersecurity and ransomware incidents to the federal government under a new rule that will be proposed by the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA).

CISA is offering organizations a preview of the proposal before it is officially released next Thursday as a notice of proposed rulemaking. CISA, which is responsible for understanding, managing, and reducing risks to critical infrastructure from digital and physical attacks, will seek public comments on the draft rule, according to a press release Wednesday.

Public comment will be open for 60 days following publication in the Federal Register.

lock iconTHIS IS MEMBERS-ONLY CONTENT. To continue reading, choose one of the options below.