{"id":278780,"date":"2026-06-22T14:45:00","date_gmt":"2026-06-22T18:45:00","guid":{"rendered":"https:\/\/news-you-need.com\/index.php\/2026\/06\/22\/cisa-regulations-regarding-cybersecurity-incidents-and-critical-infrastructure-proceeding-news-events\/"},"modified":"2026-06-22T14:50:14","modified_gmt":"2026-06-22T18:50:14","slug":"cisa-regulations-regarding-cybersecurity-incidents-and-critical-infrastructure-proceeding-news-events","status":"publish","type":"post","link":"https:\/\/news-you-need.com\/index.php\/2026\/06\/22\/cisa-regulations-regarding-cybersecurity-incidents-and-critical-infrastructure-proceeding-news-events\/","title":{"rendered":"CISA Regulations Regarding Cybersecurity Incidents and Critical Infrastructure Proceeding | News &#038; Events"},"content":{"rendered":"<p><a href=\"https:\/\/www.clarkhill.com\/news-events\/news\/cisa-regulations-regarding-cybersecurity-incidents-and-critical-infrastructure-proceeding\/\">CISA Regulations Regarding Cybersecurity Incidents and Critical Infrastructure Proceeding | News &#038; Events<\/a><\/p>\n<p><a href=\"https:\/\/www.clarkhill.com\/news-events\/news\/cisa-regulations-regarding-cybersecurity-incidents-and-critical-infrastructure-proceeding\/\">https:\/\/www.clarkhill.com\/news-events\/news\/cisa-regulations-regarding-cybersecurity-incidents-and-critical-infrastructure-proceeding\/<\/a><\/p>\n<p>Publish Date: <a href=\"publish_date]\">2026-06-22 14:45:00<\/a><\/p>\n<p>Source Domain: <a href=\"www.clarkhill.com\">www.clarkhill.com<\/a><\/p>\n<p>The Cyber Incident Reporting for Critical Infrastructure Act of 2022 (\u201cCIRCIA\u201d) was passed in 2022. That law required covered entities who are part of so-called \u201ccritical infrastructure\u201d to report cybersecurity incidents and ransomware payments to the Federal government. For cyber incidents, the law required reporting to CISA within 72 hours and for ransomware payments, the reporting is required within 24 hours\u2014both tight turnarounds.<\/p>\n<p>The law tasked CISA-the federal government\u2019s cybersecurity and infrastructure security agency-with coming up with rules and regulations for implementing that law. CISA published proposed rules for comment in 2024. Earlier this year, CISA was to hold a series of town halls to allow for public comment on those proposed rules and to offer thoughts on the implementation of the law, but, those were postponed due to a lapse in Department of Homeland Security funding. With funding now restored, CISA has started to hold those town halls.<\/p>\n<p>What has emerged from the submitted comments and these meetings is several concerns from entities covered by the law, which may offer some insight on the ultimate implementation of the 2022 law. While CISA has not released any information on their final rules and are still collecting submitted materials for consideration, the following issues do appear to be the main focus of interested groups.<\/p>\n<h3><span style=\"color: #00cd7d;\"><strong>Definition of Covered Entities<\/strong><\/span><\/h3>\n<p>One concern centered on what entities were to be considered \u201ccritical infrastructure.\u201d Under the law, CISA is tasked with defining who is and who is not considered critical infrastructure. CISA recognizes sixteen (16) critical infrastructure sectors[1] \u201cwhose assets, systems, and networks, whether physical or virtual, are considered vital to the United States\u2026.\u201d These sectors, however, cover a very wide swath of industries and businesses (from nuclear reactors to strip malls).<\/p>\n<p>Not surprisingly, many comments on the proposed rules and participants in the town hall&#8230;<\/p>\n<p><a href=\"https:\/\/www.clarkhill.com\/news-events\/news\/cisa-regulations-regarding-cybersecurity-incidents-and-critical-infrastructure-proceeding\/\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>CISA Regulations Regarding Cybersecurity Incidents and Critical Infrastructure Proceeding | News &#038; Events https:\/\/www.clarkhill.com\/news-events\/news\/cisa-regulations-regarding-cybersecurity-incidents-and-critical-infrastructure-proceeding\/ Publish&#8230;<\/p>\n","protected":false},"author":1,"featured_media":278781,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/media.clarkhill.com\/wp-content\/uploads\/2020\/10\/05134526\/ClarkHillSocial.png","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[57],"class_list":["post-278780","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-security"],"_links":{"self":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/278780"}],"collection":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=278780"}],"version-history":[{"count":1,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/278780\/revisions"}],"predecessor-version":[{"id":278782,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/278780\/revisions\/278782"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/278781"}],"wp:attachment":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=278780"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=278780"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=278780"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}