Cybersecurity Dive July 8, 2024
David Jones

In a last-minute push, critical infrastructure stakeholders urged federal officials to give more flexibility on the detail required during the first 72 hours of covered cyber incidents.

A flurry of critical infrastructure providers are making a final push to urge the Cybersecurity and Infrastructure Security Agency to place guardrails around new incident reporting requirements.

The Cyber Incident Reporting for Critical Infrastructure Act, which will go into effect next year, requires covered critical infrastructure providers to report major security breaches or attacks within 72 hours. Those entities will also have to report ransomware payments within 24 hours.

In pushback against the proposed rule during the public comment period, which was extended to July 3, critical infrastructure providers want to...

Today's Sponsors

Venturous
Got healthcare questions? Just ask Transcarent

Today's Sponsor

Venturous

Continue Reading

 
Topics: Cybersecurity, Govt Agencies, Health IT, HHS, Provider, Technology
Related Articles:
HIMSS 2025: Four big themes of the health conference
Weak cyber defenses are exposing critical infrastructure — how enterprises can proactively thwart cunning attackers to protect us all
B2B Healthcare Procurement Has a Growing Hacking Problem
Critical infrastructure at state, local levels at heightened risk of cyberattacks
MedCity Pivot Podcast: Being Clear About Cybersecurity

Share This Article