Cybersecurity Dive March 27, 2024
David Jones

CIRCIA will require covered entities to promptly disclose major cyber incidents and ransomware payments.

The Cybersecurity and Infrastructure Security Agency posted a long-anticipated notice of proposed rulemaking Wednesday for the Cyber Incident Reporting for Critical Infrastructure Act of 2022. The rule would require covered entities to promptly report cyber disruptions and ransomware payments.

CIRCIA requires covered entities to report significant cyber incidents within 72 hours of discovery. Critical infrastructure entities will also have to report ransom payments within 24 hours.

The proposed rule is designed to help federal authorities better coordinate critical infrastructure threat responses and share vital details with industry and government partners.

“CIRCIA is a game changer for the whole cybersecurity community, including everyone invested in...

Today's Sponsors

Venturous
Got healthcare questions? Just ask Transcarent

Today's Sponsor

Venturous

Continue Reading

 
Topics: Cybersecurity, Govt Agencies, Health IT, Health System / Hospital, HHS, Provider, Technology
Related Articles:
Trump's push to work with Russia is upending U.S. cyber strategy
Why Cyber Drills Are As Vital As Fire Drills
Facilitating interoperability hinges on a security mindset, says HIMSS25 panel
Lloyds Secures Patents for Methodology That Assesses Cybersecurity Alerts
HIMSS25 Cyber Forum keynote urges industry involvement

Share This Article