Yesterday, CISA announced a new effort targeting efforts to get organizations to voluntarily report cyber incidents. The new website “is designed to help entities that may be considering voluntarily reporting cyber incidents understand “who” CISA recommends report an incident, “why and when” CISA recommends they report, as well as “what and how to report.””
Commentary
While this is strictly a voluntary incident reporting system,
I am reasonably sure that CISA will be using this as a part of their effort to
develop the mandatory critical infrastructure reporting system required by Cyber
Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA). Pushing
this voluntary system will allow CISA to work out any bugs in the reporting
system before it is rolled out live next year.
For more information about this new initiative, see my
article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/new-cisa-voluntary-cyber-incident
- subscription required.
Posts
No comments:
Post a Comment