Adrian Johnson
TLDR:
• CISA has unveiled a draft cyber incident disclosure rule for critical infrastructure sectors
• The rule mandates reporting ransomware incidents and payments within specific time frames
In a new draft cyber incident reporting rule unveiled by the Cybersecurity and Infrastructure Security Agency (CISA), organizations part of the 16 critical infrastructure sectors would be required to report ransomware incidents and payments within specific time frames. The rule, created under the Cyber Incident Reporting for Critical Infrastructure Act, aims to provide CISA with information to facilitate threat analysis, mitigation, and incident response efforts. Public comments for the draft rule will be open for two months, raising concerns from experts like Josh Corman about potential detrimental effects on smaller healthcare providers due to outdated criteria for incident reporting. The draft rule also includes requirements for distributed denial-of-service notifications only in the event of prolonged disruptions.
According to CyberScoop, the rule’s proposed 72-hour and 24-hour reporting timelines for ransomware incidents and payments, respectively, aim to improve transparency and information sharing within critical infrastructure sectors. The draft rule underscores the importance of timely incident reporting in enhancing cybersecurity defense and incident response capabilities. Organizations affected by the rule should stay informed of updates and be prepared to comply with the reporting requirements to contribute to collective efforts in enhancing national cybersecurity resilience.
