What CISOs Should Know About CIRCIA Incident Reporting
SecurityIntelligence, December 8th, 2022
In March of 2022, a new federal law was adopted: the Cyber Incident Reporting Critical Infrastructure Act (CIRCIA).
This new legislation focuses on reporting requirements related to cybersecurity incidents and ransomware payments. The key takeaway: covered entities in critical infrastructure will now be required to report incidents and payments within specified time frames to the Cybersecurity and Infrastructure Security Agency (CISA).
These new requirements will change how CISOs handle cyber incidents for the foreseeable future. As a result, CISOs must stay up to date on current reporting requirements, update reporting procedures and work to ensure they stay compliant.