DHS Suggests New Reporting Regulations for Critical Infrastructure

The Department of Homeland Security (DHS) has introduced a proposed set of regulations for reporting critical infrastructure incidents. These rules will outline the requirements for critical infrastructure organizations to report cyberattacks and other cyber incidents to the federal government. The Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA) mandates that the reporting process be overseen by CISA.

Security leaders provide insights

Jose Seara, CEO and Founder at DeNexus:

“The alignment and convergence of cybersecurity standards by industry regulators and government bodies like the SEC and CISA are essential. This alignment will help businesses simplify and enhance their cybersecurity programs. We recommend that organizations begin with a cyber risk quantification exercise to identify key vulnerabilities and prioritize risk mitigation efforts.”

John Gallagher, Vice President of Viakoo Labs at Viakoo:

“CISA has made significant progress with CIRCIA. This act is a crucial step in increasing awareness and coordinated responses to cyber threats among critical infrastructure organizations and other entities. While there is still a long way to go in achieving secure and resilient infrastructure, CIRCIA represents a significant milestone towards that goal.

“With the focus on IoT/OT/ICS vulnerabilities, CIRCIA has shown foresight and has facilitated information sharing and best practices across industries. However, there is a need for more effort in benchmarking preparedness and establishing clear guidelines for ethical disclosure in critical infrastructure and Cyber-Physical Systems, which differ from data theft.

“The impact of breaches in critical infrastructure is significant and time-sensitive, so reducing the reporting time minimizes the window of vulnerability following a breach. Different reporting timelines for cyber incident reporting (72 hours) and ransomware payment (24 hours) are important distinctions. Lengthening the reporting time for incidents helps prevent false alarms and allows for a more thorough threat assessment. Ransomware payments, on the other hand, require immediate reporting.

“Establishing clear definitions and requirements for covered organizations also enables cyber insurance providers to collaborate with critical infrastructure organizations and use these guidelines in underwriting decisions. Additionally, the estimated cost of $2.6 billion over 11 years ($236 million per year) is relatively modest considering the scale of cybercrime and the impact of critical infrastructure incidents. Underfunding security for critical infrastructure and cyber-physical systems raises concerns.”

Copyright © TSP 2024. All rights reserved. Designed by Enovate LLC