DHS: Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA) Reporting Requirements; Extension of Comment Period

Federal Register

May 6, 2024

The U.S. Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) is allowing an additional 30 days for comment on the April 4, 2024, proposed rule titled "Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA) Reporting Requirements." DHS is seeking comments on the practical and policy issues related to the implementation of regulations regarding covered cyber incident and ransom payment reporting requirements for covered entities, as required by the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA). Comments are now due July 3, 2024.

Emergency preparedness and response · Healthcare facilities · Infrastructure · Legislation and regulations · Technology for health and human services