As the Cybersecurity and Infrastructure Security Agency (CISA) continues to grapple with the early stages of a rulemaking process for recently enacted cyber incident reporting legislation, CISA Director Jen Easterly said it will be crucial to develop trust with the private sector so that the law is seen as “value-added” and not a burden. […]

As the Federal government works through the rulemaking process for the recently signed Incident Reporting legislation that originated in the Senate Homeland Security and Governmental Affairs Committee, witnesses for that same committee today stressed the need for unity among both reporting avenues and standardization of data to help operationalize the data. […]

The Cybersecurity and Infrastructure Security Agency (CISA) is looking to set an “aggressive” pace to conduct the rulemaking proceeding necessary to implement recently approved cyber incident reporting legislation, but also indicated today that completion of a rulemaking could be a couple of years away. […]

After a surprising failure to get mandatory cyber incident reporting included in the fiscal year (FY) 2022 National Defense Authorization Act (NDAA), Rep. Yvette Clarke, D-N.Y., and John Katko, R-N.Y., called the issue a top cybersecurity legislative priority for 2022. […]

A draft bill that would establish a mandatory cyber incident reporting framework at the Cybersecurity and Infrastructure Security Agency (CISA) received praise from stakeholders and industry leaders during a hearing on Sept. 1 from the House Committee on Homeland Security’s Subcommittee on Cybersecurity, Infrastructure Protection, and Innovation. […]