News & Analysis as of

Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA) Cybersecurity Critical Infrastructure Sectors

Benesch

Supply Chain Security Is National Security: Cyber, Physical, and Personnel Protections

Benesch on

U.S. supply chain security is increasingly under threat. The White House’s National Security Strategy describes this moment as an inflection point. Many federal agencies have taken charge in elevating the very concept of...more

McDermott Will & Emery

Special Report: Preparing for CIRCIA’S Reporting Requirements and Avoiding Its Harsh Penalties

McDermott Will & Emery on

The US Cybersecurity and Infrastructure Security Agency (CISA) recently published a Notice for Proposed Rulemaking intended to supplement the Cybersecurity Incident Reporting for Critical Infrastructure Act (CIRCIA). The...more

Bradley Arant Boult Cummings LLP

Mandatory Cybersecurity Incident Reporting: The Dawn of a New Era for Businesses

A significant shift in cybersecurity compliance is on the horizon, and businesses need to prepare. Starting in 2024, organizations will face new requirements to report cybersecurity incidents and ransomware payments to the...more

HaystackID

New Cyber Regulations Define Battle Lines in Corporate and Infrastructure Security

HaystackID on

Amidst an ever-evolving cyber threat landscape, a recent slew of regulatory updates and cybersecurity standards are defining a new battlefront for securing critical infrastructure and corporate data across varying sectors....more

McCarter & English Blog: Government Contracts...

CISA’s CIRCIA Proposed Rule: Another Player Enters the Reporting Regime

Cyber incidents involving critical infrastructure pose a serious risk to the US. In March 2024, the Environmental Protection Agency and the National Security Advisor warned state governors about potential attacks on drinking...more

Locke Lord LLP

CISA’s Proposed Cyber Incident Reporting Rules Under CIRCIA

Locke Lord LLP on

On April 4, 2024, the United States Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (“CISA”) released for public comment its long-awaited proposed rules to implement the Cyber Incident...more

Jenner & Block

Client Alert: White House Releases Report on US Cybersecurity Posture

Jenner & Block on

On May 7, 2024, the White House Office of the National Cyber Director (ONCD) released several reports on the United States’ cybersecurity posture and strategic plan. These documents implement the 2023 National Cybersecurity...more

Bond Schoeneck & King PLLC

CISA’s CIRCIA NPRM Advances the March Toward Heightened Reporting – Yet the Jury Still Is Out on How CIRCIA Will Affect Healthcare

Remember CIRCIA? The Cyber Incident Reporting for Critical Infrastructure Act of 2022 (“CIRCIA”) – intended to beef up reporting requirements across industries following cyber incursions – is moving along the pathway from...more

Polsinelli

Critical Infrastructure Cybersecurity – Evolving Incident Response Obligations, Integral to Effective Risk Management

Polsinelli on

Just over a year ago, the White House issued its long-awaited National Cybersecurity Strategy, with an emphasis on defending Critical Infrastructure, promoting public and private collaboration, and safeguarding...more

Health Care Compliance Association (HCCA)

Privacy Briefs: April 2024

The Cybersecurity and Infrastructure Agency (CISA) is seeking comment on a proposed rule to implement reporting requirements for critical infrastructure entities, including health care entities, on cyberattacks and ransomware...more

Dechert LLP

Dechert Cyber Bits - Issue 53

Dechert LLP on

April 2024 On April 4, 2024, the U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (“CISA”) published a 447-page Notice of Proposed Rulemaking (“Proposed Rules”) in accordance with the...more

Vedder Price

Breach Response: Is 72 hours the new 30 days?

Vedder Price on

For years, we were able to tell most clients experiencing a potential data security incident that they likely had at least 30 days to notify any third parties about the incident – if they concluded it was a breach. There...more

Cooley LLP

CISA Opens Notice and Comment Process on CIRCIA Draft Regulations

Cooley LLP on

On March 27, 2024, the Cybersecurity and Infrastructure Security Agency (CISA) within the Department of Homeland Security published a long-awaited notice of proposed rulemaking (NPRM) pursuant to the Cyber Incident Reporting...more

Bass, Berry & Sims PLC

CISA Publishes Proposed Rule for Cyber Reporting

Bass, Berry & Sims PLC on

On April 4, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) published its much-anticipated Notice of Proposed Rule Making for the Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA)....more

Jones Day

CISA Releases Proposed Cyber Incident and Ransom Payment Reporting Rules to Implement CIRCIA

Jones Day on

CISA's proposed rules will require organizations operating in U.S. critical infrastructure sectors to report cyber incidents within 72 hours and ransom payments within 24 hours. ...more

Hinckley Allen

Navigating Profound Change: CISA Announces Proposed Rule for Mandated Cyber Incident Reporting

Hinckley Allen on

In 2025, new federal reporting requirements will require hundreds of thousands of organizations to report cyber incidents within hours of discovery to the United States Government, marking a significant impact on how...more

Pillsbury Winthrop Shaw Pittman LLP

New CISA Rule Would Require Widespread Cyber Incident Reporting, Updated Timelines and Penalties for Critical Infrastructure...

Most businesses in the United States will have to file incident reports—including for ransomware payments—under the Proposed Rule. The Department of Homeland Security has the authority to issue subpoenas and even penalties...more

Schwabe, Williamson & Wyatt PC

Comments Sought on Proposed Requirements of the Cyber Incident Reporting for Critical ‎Infrastructure Act

On March 15, 2022, the Cyber Incident Reporting for Critical Infrastructure Act of 2022 was signed into law. Generally, CIRCIA requires “covered entities,” defined as entities in certain critical infrastructure sectors, to...more

Sheppard Mullin Richter & Hampton LLP

CISA Cyber Incident Reporting for Critical Infrastructure Will Significantly Impact Government Contractors, Suppliers, and Service...

The Cybersecurity and Infrastructure Security Agency (“CISA”) recently released its new Proposed Rule pursuant to the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (“CIRCIA”), which was published in the...more

Venable LLP

CIRCIA: Cyber Incident Reporting for Practically Everyone?

Venable LLP on

A sweeping array of businesses are another step closer to requirements to report cybersecurity incidents and ransomware payments to the federal government. On April 4, 2024, the U.S. Department of Homeland Security's (DHS)...more

Alston & Bird

CISA Posts Notice of Proposed Rulemaking Under CIRCIA

Alston & Bird on

On March 27, 2024, the Cybersecurity and Infrastructure Security Agency (CISA) published a notice of proposed rulemaking (NPRM) implementing the Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA). For...more

Jenner & Block

Client Alert: CISA Announces Proposed Cyber Incident Reporting Rule

Jenner & Block on

On March 27, 2024, the Cybersecurity and Infrastructure Security Agency (CISA), an operational component of the Department of Homeland Security (DHS), posted for public inspection its long-anticipated notice of proposed...more

Wiley Rein LLP

As Cyber Regulators Rush Toward New Rules, Shifting Foundations May Complicate Compliance

Wiley Rein LLP on

These days, cyber regulators are in a hurry. Commentators have observed, the “federal government is quietly directing a seismic shift in the economy” with new mandates. Ann Neuberger, Deputy National Security Advisor for...more

Paul Hastings LLP

CISA Proposes Sweeping Cybersecurity Incident Reporting for U.S. Companies

Paul Hastings LLP on

On March 27, 2024, the Cybersecurity & Infrastructure Security Agency (“CISA”) released proposed regulations requiring expansive new cybersecurity incident and ransomware payment reporting across sixteen “critical...more

Mayer Brown

Proposed Rule Issued to Implement Cyber Incident Reporting for Critical Infrastructure Act

Mayer Brown on

On March 27, 2024, the Cybersecurity & Infrastructure Security Agency (CISA) within the US Department of Homeland Security released a much-anticipated notice of proposed rulemaking (NPRM) to implement the Cyber Incident...more

35 Results
 / 
View per page
Page: of 2

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide