DHS council seeks to simplify cyber incident reporting rules | CyberScoop<\/title> <meta name=\"description\" content=\"The Biden administration is looking to simplify the dizzying reporting requirements faced by critical infrastructure entities.\"> <link rel=\"canonical\" href=\"https:\/\/cyberscoop.com\/dhs-cyber-incident-reporting-recommendations\/\"> <meta property=\"og:locale\" content=\"en_US\"> <meta property=\"og:type\" content=\"article\"> <meta property=\"og:title\" content=\"DHS council seeks to simplify cyber incident reporting rules\"> <meta property=\"og:description\" content=\"The Biden administration is looking to simplify the dizzying reporting requirements faced by critical infrastructure entities.\"> <meta property=\"og:url\" content=\"https:\/\/cyberscoop.com\/dhs-cyber-incident-reporting-recommendations\/\"> <meta property=\"og:site_name\" content=\"CyberScoop\"> <meta property=\"article:published_time\" content=\"2023-09-19T18:47:49+00:00\"> <meta property=\"article:modified_time\" content=\"2023-09-20T14:56:39+00:00\"> <meta property=\"og:image\" content=\"https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2023\/09\/dhs-council-seeks-to-simplify-cyber-incident-reporting-rules-1.jpg\"> <meta property=\"og:image:width\" content=\"1920\"> <meta property=\"og:image:height\" content=\"1278\"> <meta property=\"og:image:type\" content=\"image\/jpeg\"> <meta name=\"author\" content=\"Christian Vasquez\"> <meta name=\"twitter:card\" content=\"summary_large_image\"> <meta name=\"twitter:creator\" content=\"@chrismvasq\">  <link rel=\"dns-prefetch\" href=\"\/\/cdn.parsely.com\">\n<link rel=\"dns-prefetch\" href=\"\/\/securepubads.g.doubleclick.net\">\n<link rel=\"dns-prefetch\" href=\"\/\/use.typekit.net\">\n<link rel=\"alternate\" type=\"application\/rss+xml\" title=\"CyberScoop \u00bb Feed\" href=\"https:\/\/cyberscoop.com\/feed\/\">\n<link rel=\"alternate\" type=\"application\/rss+xml\" title=\"CyberScoop \u00bb Comments Feed\" href=\"https:\/\/cyberscoop.com\/comments\/feed\/\"> <link rel=\"stylesheet\" id=\"all-css-0\" href=\"https:\/\/cyberscoop.com\/wp-includes\/css\/dist\/block-library\/style.min.css?m=1693959706g\" type=\"text\/css\" media=\"all\"> <link rel=\"stylesheet\" id=\"all-css-4\" href=\"https:\/\/cyberscoop.com\/wp-content\/mu-plugins\/search\/elasticpress-next\/dist\/css\/related-posts-block-styles.min.css?m=1694794511g\" type=\"text\/css\" media=\"all\"> <link rel=\"stylesheet\" id=\"all-css-6\" href=\"https:\/\/cyberscoop.com\/wp-content\/themes\/scoopnewsgroup\/dist\/css\/frontend.css?m=1694542629g\" type=\"text\/css\" media=\"all\">\n<link rel=\"stylesheet\" id=\"typekit-css\" href=\"https:\/\/use.typekit.net\/itk2qbh.css?ver=7af46db108fbc62fdcc9\" media=\"all\"> <link rel=\"https:\/\/api.w.org\/\" href=\"https:\/\/cyberscoop.com\/wp-json\/\"><link rel=\"alternate\" type=\"application\/json\" href=\"https:\/\/cyberscoop.com\/wp-json\/wp\/v2\/posts\/77171\"><link rel=\"EditURI\" type=\"application\/rsd+xml\" title=\"RSD\" href=\"https:\/\/cyberscoop.com\/xmlrpc.php?rsd\">\n<meta name=\"generator\" content=\"WordPress 6.3.1\">\n<link rel=\"shortlink\" href=\"https:\/\/cyberscoop.com\/?p=77171\">\n<link rel=\"alternate\" type=\"application\/json+oembed\" href=\"https:\/\/cyberscoop.com\/wp-json\/oembed\/1.0\/embed?url=https%3A%2F%2Fcyberscoop.com%2Fdhs-cyber-incident-reporting-recommendations%2F\">\n<link rel=\"alternate\" type=\"text\/xml+oembed\" href=\"https:\/\/cyberscoop.com\/wp-json\/oembed\/1.0\/embed?url=https%3A%2F%2Fcyberscoop.com%2Fdhs-cyber-incident-reporting-recommendations%2F&format=xml\">   <link rel=\"icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=32\" sizes=\"32x32\">\n<link rel=\"icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=192\" sizes=\"192x192\">\n<link rel=\"apple-touch-icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=180\">\n<meta name=\"msapplication-TileImage\" content=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=270\"> <\/head><body class=\"post-template-default single single-post postid-77171 single-format-standard\" id=\"readabilityBody\"> <a href=\"https:\/\/cyberscoop.com\/dhs-cyber-incident-reporting-recommendations\/#main\" class=\"skip-to-content-link visually-hidden-focusable\">Skip to main content<\/a> <\/p>\n<div class=\"ad ad--top ad--top-desktop\">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p> <main id=\"main\" role=\"main\" tabindex=\"-1\"> <\/p>\n<div class=\"ad ad--top ad--top-mobile\">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<section id=\"stickybar\" class=\"stickybar stickybar--newsletter js-stickybar\" readability=\"0.82\"> <button class=\"stickybar__close js-stickybar-close\" aria-controls=\"stickybar\"> <svg class=\"icon icon--close\" width=\"21\" height=\"22\" viewBox=\"0 0 21 22\" fill=\"none\"><path d=\"m.822.518-.805.805L9.695 11 .017 20.678l.805.805 9.678-9.678 9.677 9.678.806-.805L11.305 11l9.678-9.677-.806-.805-9.677 9.677L.822.518Z\" fill=\"currentColor\" \/><\/svg> <span class=\"visually-hidden\">Close<\/span> <\/button> <\/section>\n<article class=\"single-article content\">\n<div class=\"single-article__container js-single-article-content\">\n<header class=\"single-article__header \" readability=\"25.163377192982\">\n<div class=\"single-article__header-content\" readability=\"29.75641025641\">\n<p> The Biden administration is looking to simplify the dizzying reporting requirements faced by critical infrastructure entities. <\/p>\n<\/p><\/div>\n<div class=\"single-article__cover-wrap\">\n<figure class=\"single-article__cover\"> <img data-recalc-dims=\"1\" fetchpriority=\"high\" width=\"640\" height=\"426\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2023\/09\/dhs-council-seeks-to-simplify-cyber-incident-reporting-rules.jpg?resize=640%2C426&ssl=1\" class=\"single-article__cover-image wp-post-image\" alt decoding=\"async\" fetchpriority=\"high\" srcset=\"https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2023\/09\/dhs-council-seeks-to-simplify-cyber-incident-reporting-rules-1.jpg 1920w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2023\/09\/dhs-council-seeks-to-simplify-cyber-incident-reporting-rules-1.jpg?resize=300,200 300w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2023\/09\/dhs-council-seeks-to-simplify-cyber-incident-reporting-rules-1.jpg?resize=768,511 768w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2023\/09\/dhs-council-seeks-to-simplify-cyber-incident-reporting-rules-1.jpg?resize=1024,682 1024w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2023\/09\/dhs-council-seeks-to-simplify-cyber-incident-reporting-rules-1.jpg?resize=1536,1022 1536w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2023\/09\/dhs-council-seeks-to-simplify-cyber-incident-reporting-rules-1.jpg?resize=600,399 600w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2023\/09\/dhs-council-seeks-to-simplify-cyber-incident-reporting-rules-1.jpg?resize=252,168 252w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2023\/09\/dhs-council-seeks-to-simplify-cyber-incident-reporting-rules-1.jpg?resize=506,337 506w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2023\/09\/dhs-council-seeks-to-simplify-cyber-incident-reporting-rules-1.jpg?resize=1014,675 1014w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2023\/09\/dhs-council-seeks-to-simplify-cyber-incident-reporting-rules-1.jpg?resize=1266,843 1266w\" sizes=\"(max-width: 1014px) 100vw, 1014px\"><figcaption> Cybersecurity and Infrastructure Security Agency Director Jen Easterly testified before a House Homeland Security Subcommittee, at the Rayburn House Office Building on April 28, 2022. (Photo by Kevin Dietsch\/Getty Images) <\/figcaption><\/figure>\n<\/p><\/div>\n<\/header>\n<div class=\"single-article__content\">\n<div class=\"single-article__content-inner has-drop-cap\"> <html readability=\"35.474507824331\"><body readability=\"73.194662480377\"><\/p>\n<p>The Department of Homeland Security delivered a 100-page report on Tuesday with recommendations on how to revamp the thicket of cyber incident reporting requirements faced by U.S. critical infrastructure operators. <\/p>\n<p>Developed by the Cyber Incident Reporting Council \u2014 a body made up of multiple federal agencies including the Office of the National Cyber Director, Federal Trade Commission and the Departments of Energy, Treasury, Defense and Justice \u2014 Tuesday\u2019s report found that critical infrastructure entities face a dizzying 45 active reporting requirements from 22 different federal agencies and and an additional five under consideration. <\/p>\n<p>Harmonizing these requirements is a <a href=\"https:\/\/cyberscoop.com\/cybersecurity-strategy-harmonization-critical-infrastructure\/\">part of a larger Biden administration effort<\/a> to develop more effective cyber policy, which has been shaped by an ad hoc approach from multiple agencies with varying authorities and resources.<\/p>\n<p>\u201cReporting cyber incidents is critical to the nation\u2019s cybersecurity: It allows us to spot trends in real-time, rapidly render assistance to victims, and share information to warn other potential targets before they become victims,\u201d CISA Director Jen Easterly said in a statement. \u201cWe also recognize that the need for this information must be balanced with the burdens placed on industry, ensuring that requirements are harmonized and streamlined as effectively as possible.\u201d <\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>The Cyber Incident Reporting Council worked with more than 30 federal agencies in developing their recommendations. While CISA\u2019s proposed rule on cyber incident reporting is not expected until next year, the report will shape the rule.<\/p>\n<p><a href=\"https:\/\/www.dhs.gov\/sites\/default\/files\/2023-09\/DHS%20Congressional%20Report%20-%20Harmonization%20of%20Cyber%20Incident%20Reporting%20to%20the%20Federal%20Government.pdf\">The council\u2019s report was required<\/a> under the Cyber Incident Reporting for Critical Infrastructure Act, a <a href=\"https:\/\/cyberscoop.com\/incident-reporting-legislation\/\">landmark bill<\/a> that seeks to harmonize existing cyber incident reporting requirements and require new ones for critical infrastructure owners and operators.<\/p>\n<p>Having a unified reporting requirement across critical infrastructure is expected to help both the private sector and federal government better understand the threat landscape while also assisting in prioritization efforts, and Tuesday\u2019s report recommends that the requirements and submission process for incident reporting be as uniform as possible across sectors.<\/p>\n<p>Within cyber incident reporting, the varying requirements represent a \u201csignificant challenge to harmonizing current\u201d reporting requirements, the report notes. What qualifies as an incident, how soon an incident should be reported and how it should be reported are among the issues that need to be simplified, according to the report.<\/p>\n<p>The report recommends that the federal government have a model definition for a \u201creportable cyber incident\u201d and that agencies should examine whether they can adapt to such a definition. Agencies that have reporting requirements should also consider delayed public notifications if public notification poses a national security risk, the report notes.<\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>The council\u2019s report recommends that incidents that impact \u201cnational and economic security and safety\u201d may need to be reported more promptly than the 72 hours that is the current reporting timeline under CIRCIA. Impacts to personal private information may be treated with greater flexibility, the council\u2019s report suggests.<\/p>\n<p>Additionally, the report argues that the process for engaging with victims should be improved so multiple agencies are not asking for the same information. <\/p>\n<p>Updated incident reporting rules to be more in line with one another will likely be a long process. Such procedures can last months if not years \u2014 assuming the agency even has the authority to make such changes, the report warns. The Environmental Protection Agency, for example, told the council that the agency does not have the authority to require reporting from utilities.<\/p>\n<p><\/body> <\/p>\n<footer class=\"single-article__footer\">\n<div class=\"single-article__tags-container\">\n<h4 class=\"single-article__tags-title\">In This Story<\/h4>\n<\/p><\/div>\n<\/footer>\n<p> <\/html><\/div>\n<\/p><\/div>\n<\/p><\/div>\n<div class=\"single-article__ads js-single-article-sidebar\">\n<div class=\"ad ad--sidebar js-single-article-sidebar-5 ad--rightrail_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div class=\"ad ad--sidebar js-single-article-sidebar-4 ad--rightrail_2 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div class=\"ad ad--sidebar js-single-article-sidebar-3 ad--rightrail_3 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div><\/div>\n<\/article>\n<div class=\"popular-stories popular-stories--single-post\">\n<div class=\"popular-stories__container\">\n<h2 class=\"popular-stories__title\"> More Scoops <\/h2>\n<p>  <\/div>\n<p>\n<\/div>\n<p> <\/p>\n<section class=\"latest-podcasts\">\n<h2 class=\"latest-podcasts__title\"> Latest Podcasts\t<\/h2>\n<\/section>\n<div class=\"top-categories\">\n<div class=\"top-categories__container\">\n<h3 class=\"top-categories__category-title\">Technology<\/h3>\n<\/p><\/div>\n<div class=\"top-categories__container\">\n<h3 class=\"top-categories__category-title\">Government<\/h3>\n<\/p><\/div>\n<\/p><\/div>\n<p> <\/main> <\/p>\n<div class=\"ad ad--bottom \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div id=\"interstitial\" class=\"welcome__container\"> <button id=\"close-modal-1\" class=\"welcome__clickable_area\"><\/button> <\/p>\n<div class=\"welcome__ad_wrapper\">\n<p> <button id=\"close-modal-3\" class=\"welcome__continue-button\">Continue to CyberScoop<\/button> <\/p>\n<\/p><\/div>\n<\/p><\/div>\n<p>   <\/body> <a href=\"https:\/\/cyberscoop.com\/dhs-cyber-incident-reporting-recommendations\/\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>DHS council seeks to simplify cyber incident reporting rules |<\/p>\n","protected":false},"author":11,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[452,293,962,722,439],"tags":[454,299,963,723,443],"class_list":["post-1745","post","type-post","status-publish","format-standard","hentry","category-cybersecurity-and-infrastructure-security-agency-cisa","category-department-of-homeland-security-dhs","category-incident-reporting","category-jen-easterly","category-policy","tag-cybersecurity-and-infrastructure-security-agency-cisa","tag-department-of-homeland-security-dhs","tag-incident-reporting","tag-jen-easterly","tag-policy"],"featured_image_urls":{"full":"","thumbnail":"","medium":"","medium_large":"","large":"","1536x1536":"","2048x2048":"","chromenews-featured":"","chromenews-large":"","chromenews-medium":""},"author_info":{"display_name":"Cyber Scoop","author_link":"https:\/\/ddi.mohflo.net\/index.php\/author\/cyberscoop\/"},"category_info":"<a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/cybersecurity-and-infrastructure-security-agency-cisa\/\" rel=\"category tag\">Cybersecurity and Infrastructure Security Agency (CISA)<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/department-of-homeland-security-dhs\/\" rel=\"category tag\">Department of Homeland Security (DHS)<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/incident-reporting\/\" rel=\"category tag\">incident reporting<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/jen-easterly\/\" rel=\"category tag\">Jen Easterly<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/policy\/\" rel=\"category tag\">Policy<\/a>","tag_info":"Policy","comment_count":"0","jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/1745","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/users\/11"}],"replies":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/comments?post=1745"}],"version-history":[{"count":0,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/1745\/revisions"}],"wp:attachment":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/media?parent=1745"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/categories?post=1745"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/tags?post=1745"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}

{"id":1745,"date":"2023-09-19T18:47:49","date_gmt":"2023-09-19T18:47:49","guid":{"rendered":"https:\/\/cyberscoop.com\/?p=77171"},"modified":"2023-09-19T18:47:49","modified_gmt":"2023-09-19T18:47:49","slug":"dhs-council-seeks-to-simplify-cyber-incident-reporting-rules","status":"publish","type":"post","link":"https:\/\/ddi.mohflo.net\/index.php\/2023\/09\/19\/dhs-council-seeks-to-simplify-cyber-incident-reporting-rules\/","title":{"rendered":"DHS council seeks to simplify cyber incident reporting rules"},"content":{"rendered":"