United States of America: Announced CISA Notice of Proposed Rulemaking on Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA) Reporting

On 27 March 2024, the Cybersecurity and Infrastructure Security Agency (CISA), under the Department of Homeland Security (DHS), announced the Notice of Proposed Rulemaking (NPRM) as mandated by the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA). The NPRM aims to enhance the United States of America's cybersecurity by mandating the reporting of cybersecurity incidents and ransomware payments. The NPRM, which will be formally published in the Federal Register, initiates a 60-day public comment period to gather feedback on the proposed regulations. The NPRM aims to improve CISA's capabilities in real-time pattern identification, fill information gaps, and deploy resources to assist entities that are in a cyber attack.