CISA releases draft rule for cyber incident reporting | CyberScoop<\/title> <meta name=\"description\" content=\"The proposal describes when critical infrastructure organizations will be required to report cybersecurity incidents.\"> <link rel=\"canonical\" href=\"https:\/\/cyberscoop.com\/cisa-cyber-incident-reporting-critical-infrastructure\/\"> <meta property=\"og:locale\" content=\"en_US\"> <meta property=\"og:type\" content=\"article\"> <meta property=\"og:title\" content=\"CISA releases draft rule for cyber incident reporting\"> <meta property=\"og:description\" content=\"The proposal describes when critical infrastructure organizations will be required to report cybersecurity incidents.\"> <meta property=\"og:url\" content=\"https:\/\/cyberscoop.com\/cisa-cyber-incident-reporting-critical-infrastructure\/\"> <meta property=\"og:site_name\" content=\"CyberScoop\"> <meta property=\"article:published_time\" content=\"2024-03-27T23:25:08+00:00\"> <meta property=\"article:modified_time\" content=\"2024-03-27T23:43:08+00:00\"> <meta property=\"og:image\" content=\"https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/03\/cisa-releases-draft-rule-for-cyber-incident-reporting-2.jpg\"> <meta property=\"og:image:width\" content=\"1920\"> <meta property=\"og:image:height\" content=\"1272\"> <meta property=\"og:image:type\" content=\"image\/jpeg\"> <meta name=\"author\" content=\"Christian Vasquez\"> <meta name=\"twitter:card\" content=\"summary_large_image\"> <meta name=\"twitter:creator\" content=\"@chrismvasq\">  <link rel=\"dns-prefetch\" href=\"\/\/securepubads.g.doubleclick.net\">\n<link rel=\"dns-prefetch\" href=\"\/\/use.typekit.net\">\n<link rel=\"alternate\" type=\"application\/rss+xml\" title=\"CyberScoop \u00bb Feed\" href=\"https:\/\/cyberscoop.com\/feed\/\">\n<link rel=\"alternate\" type=\"application\/rss+xml\" title=\"CyberScoop \u00bb Comments Feed\" href=\"https:\/\/cyberscoop.com\/comments\/feed\/\"> <link rel=\"stylesheet\" id=\"all-css-2\" href=\"https:\/\/cyberscoop.com\/wp-includes\/css\/dist\/block-library\/style.min.css?m=1710875768g\" type=\"text\/css\" media=\"all\"> <link rel=\"stylesheet\" id=\"all-css-6\" href=\"https:\/\/cyberscoop.com\/wp-content\/mu-plugins\/search\/elasticpress-next\/dist\/css\/related-posts-block-styles.min.css?m=1710299038g\" type=\"text\/css\" media=\"all\"> <link rel=\"stylesheet\" id=\"all-css-8\" href=\"https:\/\/cyberscoop.com\/wp-content\/themes\/scoopnewsgroup\/dist\/css\/frontend.css?m=1711491965g\" type=\"text\/css\" media=\"all\">\n<link rel=\"stylesheet\" id=\"typekit-css\" href=\"https:\/\/use.typekit.net\/itk2qbh.css?ver=74528d75ce0daeb8628a\" media=\"all\"> <link rel=\"https:\/\/api.w.org\/\" href=\"https:\/\/cyberscoop.com\/wp-json\/\"><link rel=\"alternate\" type=\"application\/json\" href=\"https:\/\/cyberscoop.com\/wp-json\/wp\/v2\/posts\/79922\"><link rel=\"EditURI\" type=\"application\/rsd+xml\" title=\"RSD\" href=\"https:\/\/cyberscoop.com\/xmlrpc.php?rsd\">\n<meta name=\"generator\" content=\"WordPress 6.4.3\">\n<link rel=\"shortlink\" href=\"https:\/\/cyberscoop.com\/?p=79922\">\n<link rel=\"alternate\" type=\"application\/json+oembed\" href=\"https:\/\/cyberscoop.com\/wp-json\/oembed\/1.0\/embed?url=https%3A%2F%2Fcyberscoop.com%2Fcisa-cyber-incident-reporting-critical-infrastructure%2F\">\n<link rel=\"alternate\" type=\"text\/xml+oembed\" href=\"https:\/\/cyberscoop.com\/wp-json\/oembed\/1.0\/embed?url=https%3A%2F%2Fcyberscoop.com%2Fcisa-cyber-incident-reporting-critical-infrastructure%2F&format=xml\">   <link rel=\"icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=32\" sizes=\"32x32\">\n<link rel=\"icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=192\" sizes=\"192x192\">\n<link rel=\"apple-touch-icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=180\">\n<meta name=\"msapplication-TileImage\" content=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=270\"> <\/head><body class=\"post-template-default single single-post postid-79922 single-format-standard\" id=\"readabilityBody\"> <a href=\"https:\/\/cyberscoop.com\/cisa-cyber-incident-reporting-critical-infrastructure\/#main\" class=\"skip-to-content-link visually-hidden-focusable\">Skip to main content<\/a> <\/p>\n<div class=\"ad ad--top ad--top-desktop\">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p> <main id=\"main\" role=\"main\" tabindex=\"-1\"> <\/p>\n<div class=\"ad ad--top ad--top-mobile\">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<section id=\"stickybar\" class=\"stickybar stickybar--newsletter js-stickybar\" readability=\"0.82\"> <button class=\"stickybar__close js-stickybar-close\" aria-controls=\"stickybar\"> <svg class=\"icon icon--close\" width=\"21\" height=\"22\" viewBox=\"0 0 21 22\" fill=\"none\"><path d=\"m.822.518-.805.805L9.695 11 .017 20.678l.805.805 9.678-9.678 9.677 9.678.806-.805L11.305 11l9.678-9.677-.806-.805-9.677 9.677L.822.518Z\" fill=\"currentColor\" \/><\/svg> <span class=\"visually-hidden\">Close<\/span> <\/button> <\/section>\n<article class=\"single-article content\">\n<div class=\"single-article__container js-single-article-content\">\n<header class=\"single-article__header \" readability=\"25.215439856373\">\n<div class=\"single-article__header-content\" readability=\"28.912844036697\">\n<ul class=\"single-article__eyebrow\">\n<li class=\"single-article__category\"> <a class=\"single-article__category-link\" href=\"https:\/\/cyberscoop.com\/news\/government\/\"> <span>Government<\/span> <\/a> <\/li>\n<\/ul>\n<p> The proposal describes when critical infrastructure organizations will be required to report cybersecurity incidents. <\/p>\n<\/p><\/div>\n<div class=\"single-article__cover-wrap\">\n<figure class=\"single-article__cover\"> <img data-recalc-dims=\"1\" fetchpriority=\"high\" width=\"640\" height=\"424\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/03\/cisa-releases-draft-rule-for-cyber-incident-reporting.jpg?resize=640%2C424&ssl=1\" class=\"single-article__cover-image wp-post-image\" alt decoding=\"async\" fetchpriority=\"high\" srcset=\"https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/03\/cisa-releases-draft-rule-for-cyber-incident-reporting-2.jpg 1920w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/03\/cisa-releases-draft-rule-for-cyber-incident-reporting-2.jpg?resize=300,199 300w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/03\/cisa-releases-draft-rule-for-cyber-incident-reporting-2.jpg?resize=768,509 768w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/03\/cisa-releases-draft-rule-for-cyber-incident-reporting-2.jpg?resize=1024,678 1024w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/03\/cisa-releases-draft-rule-for-cyber-incident-reporting-2.jpg?resize=1536,1018 1536w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/03\/cisa-releases-draft-rule-for-cyber-incident-reporting-2.jpg?resize=600,398 600w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/03\/cisa-releases-draft-rule-for-cyber-incident-reporting-2.jpg?resize=254,168 254w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/03\/cisa-releases-draft-rule-for-cyber-incident-reporting-2.jpg?resize=509,337 509w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/03\/cisa-releases-draft-rule-for-cyber-incident-reporting-2.jpg?resize=1019,675 1019w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/03\/cisa-releases-draft-rule-for-cyber-incident-reporting-2.jpg?resize=1272,843 1272w\" sizes=\"(max-width: 1019px) 100vw, 1019px\"><figcaption> Jen Easterly, Director of the Homeland Security Department’s Cybersecurity and Infrastructure Security Agency, arrives to testify before the House (Select) Strategic Competition Between the United States and the Chinese Communist Party Committee on Capitol Hill on January 31, 2024 in Washington, DC. (Photo by Kevin Dietsch\/Getty Images) <\/figcaption><\/figure>\n<\/p><\/div>\n<\/header>\n<div class=\"single-article__content\">\n<div class=\"single-article__content-inner has-drop-cap\"> <html readability=\"81.823832145685\"><body readability=\"166.29744136461\"><\/p>\n<p>In one of the biggest cybersecurity policy reforms in recent memory, the Cybersecurity and Infrastructure Security Agency on Wednesday released its much-anticipated notice of proposed rulemaking to require critical infrastructure organizations to report cybersecurity incidents, a move intended to provide the federal government with better insight about breaches that affect highly sensitive entities, such as water and power utilities. <\/p>\n<p>Wednesday\u2019s <a href=\"https:\/\/public-inspection.federalregister.gov\/2024-06526.pdf?utm_campaign=pi+subscription+mailing+list&utm_medium=email&utm_source=federalregister.gov\">notice of proposed rulemaking<\/a> (NOPR) represents the next step in a process that began after the Cyber Incident Reporting for Critical Infrastructure Act was signed into law in March 2022. That law was inspired in part by the <a href=\"https:\/\/cyberscoop.com\/nsa-solarwinds-russia-china-nakasone\/\">SolarWinds hack<\/a>, which made clear the lack of information available to the federal government about breaches affecting critical infrastructure entities. It also represents one of the first steps by CISA to take on a more regulatory role that the agency has <a href=\"https:\/\/www.wsj.com\/articles\/u-s-cyber-agency-hopes-to-avoid-the-regulator-label-11634031001\">tried to avoid<\/a>.<\/p>\n<p>\u201cCIRCIA is a game changer for the whole cybersecurity community, including everyone invested in protecting our nation\u2019s critical infrastructure,\u201d said CISA Director Jen Easterly in a statement. \u201cIt will allow us to better understand the threats we face, spot adversary campaigns earlier, and take more coordinated action with our public and private sector partners in response to cyber threats.\u201d<\/p>\n<p>Under the rules, companies will have to report incidents less than 72 hours \u201cafter the covered entity reasonably believes the covered cyber incident has occurred\u201d and ransomware payments within 24 hours of being made, unless payment is accompanied by an incident, in which case the organization has 72 hours.<\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>While they contain a series of detailed carve-outs, the rules generally require companies to report incidents that impact safety, lead to a disruption of services or if the breach was carried out through a third party like a cloud service provider.<\/p>\n<p>In a media briefing Wednesday, a senior CISA official noted that the agency is working on a way to share anonymized data with researchers. While cyberattacks on critical infrastructure systems are believed to be legion, researchers lack good data about their prevalence, and many experts hope that CIRCIA\u2019s incident reporting requirement can fill this lacuna in the data. <\/p>\n<p>According to the proposed rules, CISA plans to use the data it receives to carry out trend and threat analysis, incident response and mitigation, and to inform future strategies to improve resilience. <\/p>\n<p>While the rule is not expected to be finalized until 18 months from now or potentially later next year, comments are due 60 days after the proposal is officially published on April 4. One can be sure that the 16 different critical infrastructure sectors and their armies of lawyers will have much to say. The 447-page NOPR details a dizzying array of nuances for specific sectors and cyber incidents.<\/p>\n<p>For example, companies would only be required to report a distributed denial of service attack if it results in a service outage for an extended period. One that results in a \u201cbrief period of unavailability,\u201d however, would not need to be reported. <\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>The list of exceptions to the cyber incidents that critical infrastructure operators will need to report is around twice as long as the conditions that require reporting an incident, and the final shape of the rule may change as CISA considers comments from industry. <\/p>\n<p>The companies affected by the proposed rules include all critical infrastructure entities that exceed the federal government\u2019s threshold for what is a small business. The rules provide a series of different criteria for whether other critical infrastructure sectors will be required to report incidents. Some will be covered in their entirety, such as the chemical sector. Other critical infrastructure sectors, such as the information technology sector, will qualify based on criteria laid out in the framework. <\/p>\n<p>Indeed, the rules governing the information technology sector could have a wide reach, as CISA is proposing that any organization that sells \u201cIT hardware, software, systems, or services\u201d to the federal government be required to report incidents. <\/p>\n<p>CISA\u2019s proposed rules represent the latest entrant in a complicated regulatory landscape governing when companies are required to report cybersecurity incidents. Last year, the Securities and Exchange Commission <a href=\"https:\/\/cyberscoop.com\/sec-cybersecurity-incidents-disclosure-rule\/\">mandated<\/a> that publicly traded companies report \u201cmaterial\u201d breaches to investors \u2014 a move Rep. Andrew Garbarino, R-N.Y., chair of the House Homeland Security Subcommittee on Cybersecurity and Infrastructure Protection, sought to quash because it conflicts with CISA\u2019s remit. <\/p>\n<p>Harmonizing these various reporting requirements represents a key challenge facing executive branch policymakers. While CISA\u2019s rules are aimed at critical infrastructure organizations that experience cyber-related disruptions, the SEC regulations affect publicly traded companies. These reporting requirements may in some cases overlap, and many experts see them as a compliment to one another rather than in conflict. Additionally, CISA\u2019s rules require much more detailed information be disclosed about breaches.<\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>CISA expects the rules will cost industry and government combined around $2.6 billion between now and 2033 and anticipates receiving around 25,000 reports each year.<\/p>\n<p>Ranking member of the House Committee on Homeland Security Bennie Thompson, D-Mass., and Rep. Yvette Clark, D-N.Y., said in a <a href=\"https:\/\/democrats-homeland.house.gov\/news\/press-releases\/thompson-clarke-release-statement-on-cisa-cyber-incident-reporting-proposed-rule\">joint statement<\/a> that they\u2019d like to see a reduction in compliance costs so that additional resources can be invested in security. <\/p>\n<p>While the list of covered entities list might appear long \u2014 CISA said it expects around 350,000 to be required to report \u2014 the size-based criteria and sector-specific rules might leave major gaps, according to Josh Corman, founder of the I Am the Cavalry and former chief strategist of CISA\u2019s COVID Task Force.<\/p>\n<p>Corman has spoken <a href=\"https:\/\/www.help.senate.gov\/imo\/media\/doc\/Corman.pdf\">frequently<\/a> about the surprising number of small organizations that, if impacted, could have posed serious risks to the nation\u2019s COVID-19 response. \u201cIt\u2019s not the size of the organization,\u201d Corman said in an interview. \u201cIt\u2019s the size of the harm to the national critical functions and critical infrastructure.\u201d<\/p>\n<p>That concern is heightened by recent warnings from U.S. national security officials that China is carrying out increasingly aggressive operations targeting American critical infrastructure. <\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>Corman argues CISA could have relied on the list of systemically important critical entities that the agency has developed \u2014 which are the most critical of critical entities that may fall outside what is considered critical infrastructure \u2014 in order to ensure better coverage.<\/p>\n<p>Corman pointed to the proposal\u2019s treatment of hospitals as a major flaw: Under the rule, facilities with fewer than 100 beds are not required to report incidents, even though just a small number of hospitals are above that threshold. Hospitals that are considered a \u201ccritical access\u201d \u2014 <a href=\"https:\/\/www.ruralhealthinfo.org\/topics\/critical-access-hospitals\">which are largely rural<\/a> \u2014 would also be required to report.<\/p>\n<p>The proposed rules contend that larger hospitals \u201care more likely\u201d to experience \u201csubstantial impact\u201d and that \u201clarger hospitals are likely to be better equipped to simultaneously respond to and report a cyber incident.\u201d<\/p>\n<p>Corman also pointed out that the categories of critical infrastructure entities are based on <a href=\"https:\/\/www.cisa.gov\/2015-sector-specific-plans\">sector-specific plans<\/a> that have not been updated since 2015. \u201cCISA did not even exist in 2015,\u201d Corman said. \u201cHow can a sector-specific plan written almost 10 years ago be the basis for us getting our head around the proper focus and implementation as planned?\u201d<\/p>\n<p>Other experts questioned whether entities have the financial resources to implement the requirements. The rules require community water systems and water treatment services that serve more than 3,300 people to report incidents, and experts question whether these entities can implement proper security measures \u2014 let alone spot and report breaches. <\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>Chris Warner, an operational technology security strategist at the security firm GuidePoint, described what he encountered at one water utility in Florida: \u201cThey were so small they had three IT guys handling the OT security and we all know \u2026 99% of the time that doesn\u2019t work at all.\u201d<\/p>\n<p><\/body> <\/p>\n<footer class=\"single-article__footer\" readability=\"1.2713567839196\">\n<div class=\"author-card\" readability=\"9\">\n<div class=\"author-card__avatar\">\n<figure class=\"author-card__image-wrap\"> <img data-recalc-dims=\"1\" decoding=\"async\" class=\"author-card__image\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/03\/cisa-releases-draft-rule-for-cyber-incident-reporting-1.jpg?w=640&ssl=1\" alt=\"Christian Vasquez\"> <\/figure>\n<\/p><\/div>\n<p><h4 class=\"author-card__name\">Written by Christian Vasquez<\/h4>\n<p> Christian covers industrial cybersecurity for CyberScoop News. He previously wrote for E&E News at POLITICO covering cybersecurity in the energy sector. Reach out: christian.vasquez at cyberscoop dot com <\/p>\n<\/p><\/div>\n<div class=\"single-article__tags-container\">\n<h4 class=\"single-article__tags-title\">In This Story<\/h4>\n<\/p><\/div>\n<\/footer>\n<p> <\/html><\/div>\n<\/p><\/div>\n<\/p><\/div>\n<div class=\"single-article__ads js-single-article-sidebar\">\n<div class=\"ad ad--sidebar js-single-article-sidebar-5 ad--rightrail_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div class=\"ad ad--sidebar js-single-article-sidebar-4 ad--rightrail_2 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div class=\"ad ad--sidebar js-single-article-sidebar-3 ad--rightrail_3 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div><\/div>\n<\/article>\n<div class=\"popular-stories popular-stories--single-post\">\n<div class=\"popular-stories__container\">\n<h2 class=\"popular-stories__title\"> More Scoops <\/h2>\n<p>  <\/div>\n<p>\n<\/div>\n<p> <\/p>\n<section class=\"latest-podcasts\">\n<h2 class=\"latest-podcasts__title\"> Latest Podcasts\t<\/h2>\n<\/section>\n<div class=\"top-categories\">\n<div class=\"top-categories__container\">\n<h3 class=\"top-categories__category-title\">Government<\/h3>\n<\/p><\/div>\n<div class=\"top-categories__container\">\n<h3 class=\"top-categories__category-title\">Technology<\/h3>\n<\/p><\/div>\n<div class=\"top-categories__container\">\n<h3 class=\"top-categories__category-title\">Geopolitics<\/h3>\n<\/p><\/div>\n<\/p><\/div>\n<p> <\/main> <\/p>\n<div class=\"ad ad--bottom \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div id=\"interstitial\" class=\"welcome__container\"> <button id=\"close-modal-1\" class=\"welcome__clickable_area\"><\/button> <\/p>\n<div class=\"welcome__ad_wrapper\">\n<p> <button id=\"close-modal-3\" class=\"welcome__continue-button\">Continue to CyberScoop<\/button> <\/p>\n<\/p><\/div>\n<\/p><\/div>\n<p>   <\/body> <a href=\"https:\/\/cyberscoop.com\/cisa-cyber-incident-reporting-critical-infrastructure\/\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>CISA releases draft rule for cyber incident reporting | CyberScoop<\/p>\n","protected":false},"author":11,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[413,452,293,117,962,722,439],"tags":[415,454,299,119,963,723,443],"class_list":["post-2805","post","type-post","status-publish","format-standard","hentry","category-critical-infrastructure","category-cybersecurity-and-infrastructure-security-agency-cisa","category-department-of-homeland-security-dhs","category-government","category-incident-reporting","category-jen-easterly","category-policy","tag-critical-infrastructure","tag-cybersecurity-and-infrastructure-security-agency-cisa","tag-department-of-homeland-security-dhs","tag-government","tag-incident-reporting","tag-jen-easterly","tag-policy"],"featured_image_urls":{"full":"","thumbnail":"","medium":"","medium_large":"","large":"","1536x1536":"","2048x2048":"","chromenews-featured":"","chromenews-large":"","chromenews-medium":""},"author_info":{"display_name":"Cyber Scoop","author_link":"https:\/\/ddi.mohflo.net\/index.php\/author\/cyberscoop\/"},"category_info":"<a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/critical-infrastructure\/\" rel=\"category tag\">critical infrastructure<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/cybersecurity-and-infrastructure-security-agency-cisa\/\" rel=\"category tag\">Cybersecurity and Infrastructure Security Agency (CISA)<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/department-of-homeland-security-dhs\/\" rel=\"category tag\">Department of Homeland Security (DHS)<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/government\/\" rel=\"category tag\">Government<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/incident-reporting\/\" rel=\"category tag\">incident reporting<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/jen-easterly\/\" rel=\"category tag\">Jen Easterly<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/policy\/\" rel=\"category tag\">Policy<\/a>","tag_info":"Policy","comment_count":"0","jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/2805","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/users\/11"}],"replies":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/comments?post=2805"}],"version-history":[{"count":0,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/2805\/revisions"}],"wp:attachment":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/media?parent=2805"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/categories?post=2805"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/tags?post=2805"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}

{"id":2805,"date":"2024-03-27T18:25:08","date_gmt":"2024-03-27T23:25:08","guid":{"rendered":"https:\/\/cyberscoop.com\/?p=79922"},"modified":"2024-03-27T18:25:08","modified_gmt":"2024-03-27T23:25:08","slug":"cisa-releases-draft-rule-for-cyber-incident-reporting","status":"publish","type":"post","link":"https:\/\/ddi.mohflo.net\/index.php\/2024\/03\/27\/cisa-releases-draft-rule-for-cyber-incident-reporting\/","title":{"rendered":"CISA releases draft rule for cyber incident reporting"},"content":{"rendered":"