New cyber incident reporting requirements on the horizon for critical infrastructure sectors

On March 15, President Biden signed into law the Cyber Incident Reporting for Critical Infrastructure Act of 2022. Referred to in cybersecurity circles as a “game-changer,” the law introduces strict reporting requirements for critical infrastructure organizations, signaling a new era for cyber regulation in the U.S. Although it will take time for regulators to formalize specific requirements and responsibilities, risk professionals can learn much about their potential reporting obligations by reviewing the current form of the law.

Download the PDF to read more.

Download alert (opens a new window)