The Cybersecurity and Infrastructure Security Agency is asking for additional feedback on how to refine the scope and burdens of a Biden-era cyber incident reporting rule, according to a notice released Thursday.
CISA, which protects US critical infrastructure, will host town hall meetings in March to gather stakeholder input on improvements the agency can make to its rule that would require covered entities to report cyber incidents and ransomware payments to CISA. The proposed rule would implement the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA) and require critical infrastructure entities to report substantial cyber incidents.
- The agency …
