Earlier this month, CISA published the official version of its Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA) (Division Y, PL 117-103) notice of proposed rulemaking (NPRM). This is part of a continuing series of posts looking at the proposed rulemaking. In this post I will be looking at how CISA proposes to implement the CIRCIA-mandated definitions relating to cyber incidents as they apply to these reporting requirements.
Previous posts in this series include:
CISA Publishes CIRCIA Support NPRM (non-subscription version), and
Statutory Definitions
CIRCIA provides legal definitions (6 USC 681) for the following cyber incident related terms:
• Cyber incident,
• Significant cyber incident, and
• Ransom payment
NPRM Definitions
The NPRM includes in the new Part 226, a section (§226.1) dealing with definitions used in the proposed regulation. Terms of importance leading to the definition of the term ‘covered incident’ include:
• Cyber incident, and
This leads to the rather simple definition of the term ‘covered cyber incident’ as any substantial cyber incident experienced by a covered entity.
For a more detailed look at these definitions, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/circia-nprm-8dd - subscription required.