DHS Proposes Critical Infrastructure Reporting Rules

  /     /     /  
Publicated : 23/11/2024   Category : security


DHS Proposes Critical Infrastructure Reporting Rules


CISA will administer the new reporting requirements for cyber incidents and ransomware payments.



The Department of Homeland Security today previewed a set of proposed rules for how critical infrastructure organizations should report cyber incidents to the federal government.
The reporting process will be overseen by the Cybersecurity and Infrastructure Security Agency (CISA), a stipulation of the Cyber Incident Reporting for Critical Infrastructure Act
(CIRCIA)
. The proposed rules will officially be published on April 4; DHS offered no explanation for what amounts to an early release.
CIRCIA was signed into law
in March 2022 with the goal of improving Americas cybersecurity by being able to deploy resources faster as well as assist victims in the face of cyberattacks, among other objectives. Under CIRCIA, CISA is required to promulgate regulations implementing the statutes covered cyber incident and ransom payment reporting requirements for covered entities, DHS said in its March 27 preview. 
Official release of
447-page document
opens public comment on the proposed rules — what they should contain and how they should be administered, among other requirements.
Chris Warner, OT security strategist at GuidePoint Security, noted that while certain challenges arise with this kind of policymaking, it also poses substantial advantages. 
The legislation has significant potential benefits for private organizations that operate over 70% of the nations
critical infrastructure
, Warner wrote in an emailed statement. The enforcement of reporting an attack within 72 hours and a ransom payment within 24 hours could help identify these events so they are reported.

Last News

▸ Some DLP Products Vulnerable to Security Holes ◂
Discovered: 23/12/2024
Category: security

▸ Scan suggests Heartbleed patches may not have been successful. ◂
Discovered: 23/12/2024
Category: security

▸ IoT Devices on Average Have 25 Vulnerabilities ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
DHS Proposes Critical Infrastructure Reporting Rules