In March 2022, the Biden Administration signed into law the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA). This landmark legislation tasks the Cybersecurity and Infrastructure Security Agency (CISA) to develop and implement regulations requiring covered entities to report covered cyber incidents and ransomware payments.
The CIRCIA incident reports are meant to enable CISA to:
Rapidly deploy resources and render assistance to victims suffering attacks
Analyze incoming reporting across sectors to spot trends
Quickly share information with network defenders to warn other potential victims
As they say, the devil is in the details. In early April, the 447-page Notice of Proposed Rulemaking (NPRM) was published by CISA in response to its responsibilities mandated by CIRCIA. The document is now open for public feedback through the Federal Register.
Considering CIRCIA and its newly published NPRM, what might incident reporting for ransomware attacks look like in the future? Let’s find out.
How does CISA define ransomware?
As per CISA, “Ransomware is an ever-evolving form of malware designed to encrypt files on a device, rendering any files and the systems that rely on them unusable. Malicious actors then demand ransom in exchange for decryption.”
Ransomware groups often target and threaten to sell or leak stolen data or authentication information if the ransom is not paid. Ransom ..
Support the originator by clicking the read the rest link below.
