"The Department of Homeland Security shutdown, now entering its third week, may push back the finish line for a Biden-era rule that would create stringent disclosure requirements for critical infrastructure entities after cybersecurity incidents like ransomware attacks."
"The lapse in funding came just days after an announcement from the Cybersecurity and Infrastructure Security Agency in February that it wanted additional feedback on the Cyber Incident Reporting for Critical Infrastructure Act rule, which marked the first substantial update on the rule since companies submitted comments in June 2024."
"The rulemaking's hazy timeline puts companies in a difficult spot: having to prepare to both try and shape the Trump administration's approach to the rule's requirements and enforcement plans, as well as the scope, and begin addressing the regulation's unique compliance demands."
A partial government shutdown affecting the Department of Homeland Security has entered its third week, threatening to delay the Biden-era Cyber Incident Reporting for Critical Infrastructure Act rule. This regulation would impose stringent disclosure requirements for critical infrastructure entities following cybersecurity incidents such as ransomware attacks. The shutdown occurred shortly after the Cybersecurity and Infrastructure Security Agency announced it sought additional feedback on the rule in February, marking the first substantial update since companies submitted comments in June 2024. Companies had previously objected to the regulation's scope. The uncertain timeline creates challenges for organizations attempting to prepare for compliance while simultaneously trying to influence the Trump administration's approach to the rule's requirements, enforcement plans, and scope.
#cybersecurity-regulation #government-shutdown #critical-infrastructure #incident-reporting-requirements #compliance-uncertainty
Read at DataBreaches.Net
Unable to calculate read time
Collection
[
|
...
]