This content is for members only. Please and try your request again.

DHS CISA Executive Director Brandon Wales on pace of incident reporting rule

“Speaking on June 1 at a cybersecurity conference organized by Boston College, CISA Executive Director Brandon Wales ran down the lengthy timeline for an incident reporting rulemaking as spelled out in the Cyber Incident Reporting for Critical Infrastructure Act approved by Congress earlier this year as part of full-year FY2022 spending legislation.

The legislation – once implemented by a rulemaking from CISA – will obligate critical infrastructure owners and operators to report certain cyber incidents to CISA within 72 hours, and to report ransomware payments they made to attackers within 24 hours…

‘There will be a number of opportunities for the private sector to provide feedback,’ Wales said. ‘People will start hearing from us extremely quickly on ways that we will be soliciting industry input,’ he pledged.

‘There are some big questions we have to answer’ in the rulemaking, he continued. These include what entities are covered by the law, what are the precise trigger thresholds for reporting, and what kind of information will be required to be reported…” Read the full article here.

Source: CISA’s Wales Sees ‘Aggressive’ Pace on Incident Reporting Rule – By John Curran, June 1, 2022. MeriTalk.


This topic has 0 replies, 1 voice, and was last updated 8 months, 1 week ago by Jackie Gilbert.

Viewing 0 reply threads

You must be logged in to reply to this topic.


Questions?. Send us an email and we'll get back to you, asap.

G2Xchange FedCiv

Log in with your credentials
for G2Xchange Health

Forgot your details?