Department of Homeland Security proposes regulations for reporting critical infrastructure incidents

Published:

spot_img

The Department of Homeland Security (DHS) has unveiled a new set of rules for critical infrastructure reporting in the wake of cyberattacks and other cyber incidents. These rules, overseen by the CISA under the Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA), will streamline the process for organizations to report incidents to the federal government.

Security experts have weighed in on the proposed rules, emphasizing the need for a unified approach to cybersecurity requirements across industries and government entities. Jose Seara, CEO and Founder at DeNexus, highlighted the importance of simplifying cybersecurity programs through alignment with regulators and agencies like the SEC and CISA. Meanwhile, John Gallagher, Vice President of Viakoo Labs at Viakoo, praised CIRCIA as a significant step towards enhancing awareness and coordinated responses to cyber threats in critical infrastructure.

The proposed rules are particularly focused on addressing IoT/OT/ICS vulnerabilities in critical industries and aim to accelerate information sharing and best practices within these sectors. By establishing clear reporting timelines for different types of incidents, such as cyber incidents and ransomware payments, CISA hopes to minimize the impact of breaches and reduce the window of vulnerability for organizations.

The estimated costs associated with implementing these rules, at $2.6 billion over 11 years, are seen as a modest investment considering the potential risks posed by cybercrime and critical infrastructure incidents. Overall, the industry response to the proposed rules has been positive, with many experts applauding the proactive measures taken by the DHS and CISA to strengthen cybersecurity in critical infrastructure sectors.

spot_img

Related articles

Recent articles

Microsoft Releases Urgent Patch for Critical WSUS Vulnerability (CVE-2025-59287)

Microsoft’s Urgent Security Update for Windows Server: Addressing a Critical RCE Vulnerability Understanding the CVE-2025-59287 Vulnerability Microsoft has taken immediate action by issuing an urgent out-of-band...

Toys “R” Us Canada Confirms Customer Data Breach Following Dark Web Leak

Toys “R” Us Canada alerts customers following a confirmed data breach, emphasizing the importance of vigilance against phishing attempts. Breach Confirmed After Dark Web Posting Toys...

Grounded Leadership: Janine Seebeck’s Guide to Connecting with Customers

BeyondTrust's Thriving Journey in the Middle East BeyondTrust, a leader in cybersecurity, is making significant strides in the Middle East, transforming it into one of...

Chhattisgarh Inquiry Launched into Sexual Harassment Claims Against IG Ratanlal Dangi: “No One Will Be Spared,” Says CM Vishnudev Sai

Raipur: An Investigation into Allegations Against IG Ratanlal Dangi Raipur has recently found itself at the center of a serious controversy involving Inspector General (IG)...