Security News > 2022 > December > What the CISA Reporting Rule Means for Your IT Security Protocol
The new Cyber Incident Reporting for Critical Infrastructure Act of 2022 requires CISA to create rules regarding cyber incident reporting by critical infrastructure organizations.
CISA will share data from cyber incident reports, including defensive measures and anonymized cyber threat indicators, with other organizations.
The rule will likely result in frequent reporting as the broader list of incidents includes scans and attempted incidents, not just successful intrusions.
Unreported incidents and slow reporting can trigger enforcement action from the CISA Director.
The rule will force organizations to use every means to tighten and enforce security protocols to reduce the frequency of cyber incidents.
Cybersecurity vendors must keep pace with their customers and the new 72-hour timetable as they aid in the investigation, response, and reporting of incidents the rule covers.
News URL
http://thehackernews.com/2022/12/what-cisa-reporting-rule-means-for-your.html