Skip to main content
Skip to navigation

Regulatory Policy

CISA teases cyber incident reporting rule for critical infrastructure

By Adrianne Appel2024-03-28T20:52:00

Financial businesses and other critical infrastructure entities would have to report significant cybersecurity and ransomware incidents to the federal government under a new rule that will be proposed by the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA).

CISA is offering organizations a preview of the proposal before it is officially released next Thursday as a notice of proposed rulemaking. CISA, which is responsible for understanding, managing, and reducing risks to critical infrastructure from digital and physical attacks, will seek public comments on the draft rule, according to a press release Wednesday.

Public comment will be open for 60 days following publication in the Federal Register.

THIS IS MEMBERS-ONLY CONTENT

cw-membership

You are not logged in and do not have access to members-only content.

If you are already a registered user or a member, SIGN IN now.

Related articles

News Brief
American Water Works discloses probe into cybersecurity breach

2024-10-08T14:13:00Z By Jeff Dale

American Water Works Company, which supplies drinking water and wastewater to 14 million customers, disclosed a breach of its computer networks and system due to a cybersecurity incident.
News Brief
CISA creates new portal for businesses to file cyber incident reports

2024-09-05T19:08:00Z By Adrianne Appel

The U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency has created a new online portal for organizations to voluntarily report cybersecurity incidents, including ransomware attacks.
News Brief
EPA warns of increased cybersecurity scrutiny toward water systems

2024-05-21T19:27:00Z By Adrianne Appel

The Environmental Protection Agency is increasing its inspections of public drinking water systems after finding a majority of those reviewed were vulnerable to cyberattacks and related threats.

More from Regulatory Policy

Article
Compliance must focus on corruption as EU and U.K. seek to tackle rising risks

2026-03-19T14:50:00Z By Ruth Prickett

Corruption isn’t something that happens somewhere else, in other countries and committed by other people. Nowhere is corruption-proof, and new rules being introduced in the EU and the U.K. aim to focus compliance officers on the full gamut of risks in all jurisdictions and every sector.
Article
Employment law in the age of AI: Compliance considerations

2026-03-18T00:00:00Z By Jaclyn Jaeger

Employment law in the age of AI is evolving faster than many companies can keep pace. As more states enact AI laws and as more case law piles on, chief compliance officers and in-house counsel must ensure that compliance policies and procedures evolve as AI legal and compliance risks evolve.
Article
Compliance must future-proof AI projects to meet evolving regulations

2026-03-16T20:22:00Z By Ruth Prickett

AI implementations are surging, but many new systems are being abandoned after companies have invested in expensive projects. Now evolving AI regulation is adding to the list of reasons why new systems may fail. Compliance must watch emerging regulatory developments and ensure that any new AI tools are capable of ...