Today, CISA announced that the Agency had published their congressionally mandated report on “Harmonization of Cyber Incident Reporting to the Federal Government”. The report was required by §107(d) of the Cyber Incident Reporting for Critical Infrastructure Act OF 2022 (Division Y, Public Law No: 117-103). The report is 107 pages long.
Congress required CISA to prepare a report for Congress on ‘Harmonization of Reporting Regulations’. That report was supposed to include:
• A list of duplicative Federal
cyber incident reporting requirements on covered entities,
• A description of any challenges
in harmonizing the duplicative reporting requirements,
• Any actions the Director intends
to take to facilitate harmonizing the duplicative reporting requirements, and
• Any proposed legislative changes necessary to address the duplicative reporting.
CISA’s announcement of the report noted that:
“To develop these recommendations,
the Cyber Incident Reporting Council analyzed over 50 different federal cyber
incident reporting requirements and engaged with numerous industry and private
sector stakeholders,” said DHS Under Secretary for Policy and CIRC Chair Robert
Silvers. “It is imperative that we streamline these requirements. Federal
agencies should be able to receive the information they need without creating
duplicative burdens on victim companies that need to focus on responding to
incidents and taking care of their customers. We look forward to working with
Congress and across the Executive Branch to implement these recommendations.”
Posts
No comments:
Post a Comment