image credit: Adobe Stock

CISA launches incident, ransomware reporting rulemaking RFI

September 12, 2022

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) released its request for information (RFI) on upcoming reporting requirements that will mandate organizations report significant cybersecurity incidents within 72 hours and ransomware payments 24 hours after payments are made. The RFI follows the March passage of the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA), which requires CISA to pursue a regulatory rulemaking path for collecting the incident and ransomware payment data.

Read More on CSO Online