Cybersecurity Reporting Improved

The Cybersecurity and Infrastructure Agency (CISA) has opened a new portal that is more user-friendly to enable easier reporting of cybersecurity incidents. Reporting is currently voluntarily, but per the “Cyber incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA), reporting for covered entities will become mandatory once regulations become final. The reporting requirement deadlines will be 72 hours for cyber incidents and 24 hours for ransomware attacks.