The Cybersecurity and Infrastructure Security Agency (CISA) has issued a Request for Information (RFI) and announced “public listening sessions” soliciting input in advance of formal rulemaking under the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA). CIRCIA was enacted in March 2022 amid growing concern around cybersecurity threats and incidents impacting U.S. critical infrastructure. The RFI is open for comments through November 14, 2022.
In this report we discuss the key topics related to the upcoming rulemaking that are open for comment.
Authored by Stacy Hadeka, Paul Otto, Peter Marta, Mike Mason, Scott Loughlin, Allison Holt Ryan, Mike Scheimer, Jasmeet Ahuja, Dan Ongaro, and Alaa Salaheldin.