On April 4, 2024, CISA published its long-awaited Notice of Proposed Rulemaking to implement the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA). If passed in their current form, the Rules would create extensive reporting obligations for an estimated 316,244 covered entities across 16 critical infrastructure sectors.
Congress Passes 72-Hour Federal Breach Reporting Law for Critical Infrastructure
By Jena M. Valdetero on
Posted in Biden Administration, CIRA, CISA, Congress, Data Privacy & Cybersecurity, Featured, GT Alert, Infrastructure
As part of a larger spending bill signed by President Biden on March 15, 2022, Congress passed the Cyber Incident Reporting for Critical Infrastructure Act (CIRA) to increase funding for the federal Cybersecurity and Critical Infrastructure Agency (CISA). CIRA requires companies considered to be in a “critical infrastructure” sector to notify CISA within 72 hours…