The Cybersecurity and Infrastructure Security Agency (CISA) will issue a final rule to implement stricter cyber reporting requirements by May 2026, according to a regulatory analysis published Friday.
CISA did not immediately respond to a request for comment.
The Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA) calls for making entities deemed as critical infrastructure to report “substantial” cyber incidents and ransomware payments to the US Cybersecurity and Infrastructure Security Agency.
The regulatory agenda, briefly posted on the Office of Information and Regulatory Affairs website, is the first in President Donald Trump’s second term. The site was ...
Learn more about Bloomberg Law or Log In to keep reading:
Learn About Bloomberg Law
AI-powered legal analytics, workflow tools and premium legal & business news.
Already a subscriber?
Log in to keep reading or access research tools.