Reporting Cybersecurity Intrusions: Establishing a Standard

Right now we don’t have a well-understood manner of reporting.

The first aspect of countering cybersecurity issues is to know what is happening in real time. This appears to be the goal of the Cybersecurity and Infrastructure Security Agency (CISA): to get a handle on what is happening, as well as when and where it is happening.

See the announcement below for how you can plug into this effort being announced:

Cybersecurity and Critical Infrastructure Partners

In March, President Biden signed the Cyber Incident Reporting for Critical Infrastructure Act of 2022, otherwise known as “CIRCIA.” Enactment of CIRCIA is a game changer for the whole cybersecurity community and everyone invested in protecting our nation’s critical infrastructure. It will allow us to understand the threats we are facing, to spot adversary campaigns earlier, and to take more coordinated action with our public and private sector partners in response.

Of note, CIRCIA mandates that the Cybersecurity and Infrastructure Security Agency (CISA) develop and implement regulations requiring covered entities to report to CISA on covered cyber incidents and ransom payments. We can’t defend what we don’t know about, and the information we receive pursuant to CIRCIA will help us fill critical information gaps that will inform the guidance we share with the entire community, ultimately better defending the nation against cyber threats.

To that end, CISA is issuing a Request for Information (RFI) and notice of public listening sessions—both of which were filed by the Federal Register for public inspection today and will be published officially in the Federal Register on Monday, September 12—to provide stakeholders from across the spectrum with the opportunity to provide ideas and perspectives, within the limitations of the rulemaking process and timeline itself.

There will be two ways for individuals or organizations to provide inputs on potential aspects of the proposed regulations implementing CIRCIA prior to the release of a Notice of Proposed Rulemaking:

  • submit written feedback in response to the RFI;  
  • participate in one of the public listening sessions that CISA is hosting across the country.  

We look forward to learning from our critical infrastructure partners to understand how we can implement the new cyber incident reporting legislation in the most effective way possible to protect the nation’s critical infrastructure.

DHS is also leading the newly established Cyber Incident Reporting Council, which was created by CIRCIA to identify ways to harmonize the various existing federal cyber incident reporting structures. The work of the Council will inform, as appropriate, the new proposed rule.

To learn more about CIRCIA and for additional details on both the RFI and the upcoming listening sessions, including dates and locations and how to register, visit cisa.gov/CIRCIA.

If you have any questions on this process, please feel free to reach out to CIRCIA@cisa.dhs.gov.
Eric Holdeman is a contributing writer for Emergency Management magazine and is the former director of the King County, Wash., Office of Emergency Management.