Groups Push Against Cyber Incident Reporting Requirements

The Cybersecurity and Infrastructure Security Agency’s Cyber Incident Reporting for Critical Infrastructure Act aims to enhance the collective defense against cyber threats by demanding organizations within critical sections report significant cyber incidents within a 72-hour window. Stakeholders have expressed concerns about the proposal and its introduction, however, due to questions about which organizations are required to report, the type of incidents that need to be reported, and practicality issues.