Rule/Notice/NOFO: DHS Cyber Incident Reporting for Critical Infrastructure: Reporting Requirements
Federal Register/Notice: govinfo.gov
Type of Requirement: NPRM
Description: The Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA), as amended, requires the Cybersecurity and Infrastructure Security Agency (CISA) to promulgate regulations implementing the statute’s covered cyber incident and ransom payment reporting requirements for covered entities. CISA seeks comment on the proposed rule to implement CIRCIA’s requirements and on several practical and policy issues related to the implementation of these new reporting requirements.
How is it enforced by FTA, DOT, Direct grant requirement, triennial review or other? TBD
Is there a cost or time impact to grantees (best estimate): TBD
APTA Comment/Letter: Completed Comments
APTA Staff Advisor: Polly Hanson, phanson@apta.com