Critical infrastructure organizations want CISA to dial back cyber reporting | CyberScoop<\/title> <meta name=\"description\" content=\"Public comments from industry on the cyber agency\u2019s draft proposal call for clearer terms and hard limits on what information can be collected.\"> <link rel=\"canonical\" href=\"https:\/\/cyberscoop.com\/cisa-cyber-reporting-circia-2024\/\"> <meta property=\"og:locale\" content=\"en_US\"> <meta property=\"og:type\" content=\"article\"> <meta property=\"og:title\" content=\"Critical infrastructure organizations want CISA to dial back cyber reporting\"> <meta property=\"og:description\" content=\"Public comments from industry on the cyber agency\u2019s draft proposal call for clearer terms and hard limits on what information can be collected.\"> <meta property=\"og:url\" content=\"https:\/\/cyberscoop.com\/cisa-cyber-reporting-circia-2024\/\"> <meta property=\"og:site_name\" content=\"CyberScoop\"> <meta property=\"article:published_time\" content=\"2024-07-08T18:39:45+00:00\"> <meta property=\"og:image\" content=\"https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/07\/critical-infrastructure-organizations-want-cisa-to-dial-back-cyber-reporting-4.jpg\"> <meta property=\"og:image:width\" content=\"1920\"> <meta property=\"og:image:height\" content=\"1280\"> <meta property=\"og:image:type\" content=\"image\/jpeg\"> <meta name=\"author\" content=\"Christian Vasquez\"> <meta name=\"twitter:card\" content=\"summary_large_image\"> <meta name=\"twitter:creator\" content=\"@chrismvasq\">  <link rel=\"dns-prefetch\" href=\"\/\/securepubads.g.doubleclick.net\">\n<link rel=\"dns-prefetch\" href=\"\/\/use.typekit.net\">\n<link rel=\"alternate\" type=\"application\/rss+xml\" title=\"CyberScoop \u00bb Feed\" href=\"https:\/\/cyberscoop.com\/feed\/\">\n<link rel=\"alternate\" type=\"application\/rss+xml\" title=\"CyberScoop \u00bb Comments Feed\" href=\"https:\/\/cyberscoop.com\/comments\/feed\/\"> <link rel=\"stylesheet\" id=\"all-css-2\" href=\"https:\/\/cyberscoop.com\/wp-includes\/css\/dist\/block-library\/style.min.css?m=1720117134g\" type=\"text\/css\" media=\"all\"> <link rel=\"stylesheet\" id=\"all-css-6\" href=\"https:\/\/cyberscoop.com\/wp-content\/mu-plugins\/search\/elasticpress\/dist\/css\/related-posts-block-styles.min.css?m=1719935282g\" type=\"text\/css\" media=\"all\"> <link rel=\"stylesheet\" id=\"all-css-8\" href=\"https:\/\/cyberscoop.com\/wp-content\/themes\/scoopnewsgroup\/dist\/css\/frontend.css?m=1720001752g\" type=\"text\/css\" media=\"all\">\n<link rel=\"stylesheet\" id=\"typekit-css\" href=\"https:\/\/use.typekit.net\/itk2qbh.css?ver=74528d75ce0daeb8628a\" media=\"all\"> <link rel=\"https:\/\/api.w.org\/\" href=\"https:\/\/cyberscoop.com\/wp-json\/\"><link rel=\"alternate\" type=\"application\/json\" href=\"https:\/\/cyberscoop.com\/wp-json\/wp\/v2\/posts\/80941\"><link rel=\"EditURI\" type=\"application\/rsd+xml\" title=\"RSD\" href=\"https:\/\/cyberscoop.com\/xmlrpc.php?rsd\">\n<meta name=\"generator\" content=\"WordPress 6.5.5\">\n<link rel=\"shortlink\" href=\"https:\/\/cyberscoop.com\/?p=80941\">\n<link rel=\"alternate\" type=\"application\/json+oembed\" href=\"https:\/\/cyberscoop.com\/wp-json\/oembed\/1.0\/embed?url=https%3A%2F%2Fcyberscoop.com%2Fcisa-cyber-reporting-circia-2024%2F\">\n<link rel=\"alternate\" type=\"text\/xml+oembed\" href=\"https:\/\/cyberscoop.com\/wp-json\/oembed\/1.0\/embed?url=https%3A%2F%2Fcyberscoop.com%2Fcisa-cyber-reporting-circia-2024%2F&format=xml\">   <link rel=\"icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=32\" sizes=\"32x32\">\n<link rel=\"icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=192\" sizes=\"192x192\">\n<link rel=\"apple-touch-icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=180\">\n<meta name=\"msapplication-TileImage\" content=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=270\"> <\/head><body class=\"post-template-default single single-post postid-80941 single-format-standard\" id=\"readabilityBody\"> <a href=\"https:\/\/cyberscoop.com\/cisa-cyber-reporting-circia-2024\/#main\" class=\"skip-to-content-link visually-hidden-focusable\">Skip to main content<\/a> <\/p>\n<div class=\"ad ad--top ad--top-desktop\">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p> <main id=\"main\" role=\"main\" tabindex=\"-1\"> <\/p>\n<div class=\"ad ad--top ad--top-mobile\">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<section id=\"stickybar\" class=\"stickybar stickybar--newsletter js-stickybar\" readability=\"0.82\"> <button class=\"stickybar__close js-stickybar-close\" aria-controls=\"stickybar\"> <svg class=\"icon icon--close\" width=\"21\" height=\"22\" viewBox=\"0 0 21 22\" fill=\"none\"><path d=\"m.822.518-.805.805L9.695 11 .017 20.678l.805.805 9.678-9.678 9.677 9.678.806-.805L11.305 11l9.678-9.677-.806-.805-9.677 9.677L.822.518Z\" fill=\"currentColor\" \/><\/svg> <span class=\"visually-hidden\">Close<\/span> <\/button> <\/section>\n<article class=\"single-article content\">\n<div class=\"single-article__container js-single-article-content\">\n<header class=\"single-article__header \" readability=\"24.311926605505\">\n<div class=\"single-article__header-content\" readability=\"29.662921348315\">\n<ul class=\"single-article__eyebrow\">\n<li class=\"single-article__category\"> <a class=\"single-article__category-link\" href=\"https:\/\/cyberscoop.com\/news\/government\/\"> <span>Government<\/span> <\/a> <\/li>\n<\/ul>\n<p> Public comments from industry on the cyber agency\u2019s draft proposal call for clearer terms and hard limits on what information can be collected. <\/p>\n<\/p><\/div>\n<div class=\"single-article__cover-wrap\">\n<figure class=\"single-article__cover\"> <img data-recalc-dims=\"1\" fetchpriority=\"high\" width=\"640\" height=\"426\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/07\/critical-infrastructure-organizations-want-cisa-to-dial-back-cyber-reporting.jpg?resize=640%2C426&ssl=1\" class=\"single-article__cover-image wp-post-image\" alt decoding=\"async\" fetchpriority=\"high\" srcset=\"https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/07\/critical-infrastructure-organizations-want-cisa-to-dial-back-cyber-reporting-4.jpg 1920w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/07\/critical-infrastructure-organizations-want-cisa-to-dial-back-cyber-reporting-4.jpg?resize=300,200 300w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/07\/critical-infrastructure-organizations-want-cisa-to-dial-back-cyber-reporting-4.jpg?resize=768,512 768w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/07\/critical-infrastructure-organizations-want-cisa-to-dial-back-cyber-reporting-4.jpg?resize=1024,683 1024w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/07\/critical-infrastructure-organizations-want-cisa-to-dial-back-cyber-reporting-4.jpg?resize=1536,1024 1536w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/07\/critical-infrastructure-organizations-want-cisa-to-dial-back-cyber-reporting-4.jpg?resize=600,400 600w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/07\/critical-infrastructure-organizations-want-cisa-to-dial-back-cyber-reporting-4.jpg?resize=252,168 252w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/07\/critical-infrastructure-organizations-want-cisa-to-dial-back-cyber-reporting-4.jpg?resize=506,337 506w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/07\/critical-infrastructure-organizations-want-cisa-to-dial-back-cyber-reporting-4.jpg?resize=1013,675 1013w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/07\/critical-infrastructure-organizations-want-cisa-to-dial-back-cyber-reporting-4.jpg?resize=1265,843 1265w\" sizes=\"(max-width: 1013px) 100vw, 1013px\"><figcaption> A business office is tied up in regulations. (Getty Images) <\/figcaption><\/figure>\n<\/p><\/div>\n<\/header>\n<div class=\"single-article__content\">\n<div class=\"single-article__content-inner has-drop-cap\"> <html readability=\"66.324330727316\"><body readability=\"134.136256658\"><\/p>\n<p>Public comments for the latest iteration of the cyber incident reporting mandate for critical infrastructure reveal an industry that wants a scaled-back version of what is arguably the Biden administration\u2019s most significant cyber regulation.<\/p>\n<p>The Cybersecurity and Infrastructure Security Agency will be spending the next few months <a href=\"https:\/\/www.regulations.gov\/docket\/CISA-2022-0010\">going over comments<\/a> from critical infrastructure owners and operators, industry trade groups, cybersecurity companies, and other interested parties after comments for the proposed rule ended Wednesday. The cyber incident reporting law, which is aimed at gaining more information on the threat landscape, comes with the acknowledgement that the defensive posture around cyberattacks against critical infrastructure amounts to reliance on a hodgepodge of state laws, sector-specific regulations, voluntary reporting, and differing levels of access from cybersecurity firms.<\/p>\n<p>The Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA) also may be one of the last landmark federal regulations for critical infrastructure following the <a href=\"https:\/\/cyberscoop.com\/cybersecurity-regulations-face-uphill-battle-after-chevron-ruling\/\">Supreme Court\u2019s Chevron<\/a> decision. Experts have noted that the ruling might encourage legal challenges to new regulations, a tactic that already <a href=\"https:\/\/cyberscoop.com\/epa-calls-off-cyber-regulations-for-water-sector\/\">eliminated cybersecurity audits from the Environmental Protection Agency\u2019s water sanitation surveys. <\/a><\/p>\n<p>CIRCIA requires that select critical infrastructure owners and operators <a href=\"https:\/\/cyberscoop.com\/cisa-circia-cyber-incident-reporting\/\">report substantial cyber incidents<\/a> and ransomware payments to CISA within 24 hours. Initial reactions to the cyber reporting law and the subsequent rulemaking process include <a href=\"https:\/\/bpi.com\/wp-content\/uploads\/2024\/06\/CIRCIA-Tri-sector-Letter_FINAL.pdf\">industry<\/a> and <a href=\"https:\/\/cyberscoop.com\/cisa-cyber-incident-reporting-hearing\/\">members of Congress<\/a> calling for dialed down expectations, clearer definitions, and a more limited scope. The submitted comments were no different. Here are some of the top areas to watch going forward:<\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p><strong>Defining a cyber incident<\/strong><\/p>\n<p>Industry lawyers did not think the 447-page proposed ruling was detailed enough, particularly when it came to what is defined as a cyber incident. Multiple comments asked for specific, clearly defined terms for what is considered a \u201csubstantial cyber incident,\u201d including a list of potential exclusions \u2014 with some asking for specifics based on sector. <\/p>\n<p>Comments also noted that an overabundance of reports could overwhelm CISA\u2019s resources, leading to little benefit for both the federal government and private sector. The Information Technology Industry Council said that the <a href=\"https:\/\/www.itic.org\/news-events\/news-releases\/iti-to-safeguard-u-s-cybersecurity-cisa-must-improve-circia-rulemaking\">wide scope<\/a> of a \u201ccyber incident\u201d could bombard the agency with \u201cirrelevant data,\u201d though CISA officials say they believe current technology can digest the estimated 25,000 reports per year.<\/p>\n<p>The <a href=\"https:\/\/www.regulations.gov\/comment\/CISA-2022-0010-0244\">City of Dallas<\/a>, meanwhile, suggested eliminating part of the law that requires the reporting of ransomware payments. Dallas asked for no \u201cobligation to disclose sensitive payment information\u201d and suggested that fears of \u201creputational damage and financial scrutiny\u201d could limit a \u201cculture of cooperation and openness.\u201d<\/p>\n<p><strong>Who should report?<\/strong><\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>Another frequent concern is which organizations are required to report incidents. CISA proposed following some of the <a href=\"https:\/\/www.cisa.gov\/2015-sector-specific-plans\">sector-specific guidelines<\/a> for critical infrastructure and adhering to a system that uses a federal measurement for what is considered a small business.<\/p>\n<p>However, many groups commenting also wanted additional details and exceptions from the rule. The <a href=\"https:\/\/www.regulations.gov\/comment\/CISA-2022-0010-0392\">National Chicken Council<\/a> and the <a href=\"https:\/\/www.regulations.gov\/comment\/CISA-2022-0010-0413\">Meat Institute<\/a> argued that CISA should change the small business threshold, as food and agriculture businesses don\u2019t fall neatly into one area. Additionally, not all companies will be aware of the new law. CISA noted in the proposed rule that it has no plans to alert every organization that might fall onto that list, citing scale.<\/p>\n<p>Similarly, trade groups like the <a href=\"https:\/\/www.regulations.gov\/comment\/CISA-2022-0010-0348\">National Retail Federation<\/a> said the businesses they represent should be excluded entirely, as retail cyberattacks rarely impact national security and public safety. The <a href=\"https:\/\/www.regulations.gov\/comment\/CISA-2022-0010-0443\">Enterprise Cloud Coalition<\/a> also expressed concern that the proposal could require third-party service providers to report an incident \u201cwhen such providers have limited information on the customer impacts.\u201d<\/p>\n<p>Lawmakers previously <a href=\"https:\/\/cyberscoop.com\/cisa-cyber-incident-reporting-hearing\/\">criticized CISA\u2019s rule<\/a>, which they consider too wide in scope. Rep. Yvette Clarke, a New York Democrat, the former chair of the House Homeland Security cyber subcommittee and the sponsor of the bill, said during a recent House hearing that CISA\u2019s rulemaking went too far.<\/p>\n<p><strong>Carrot and stick<\/strong><\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>While the vast majority of critical infrastructure sectors may be privately owned, many lack the needed resources to have a cyber specialist on the ground to implement the requirements. The <a href=\"https:\/\/www.regulations.gov\/comment\/CISA-2022-0010-0338\">American Council on Education<\/a> noted that many institutions don\u2019t have the funds to follow the proposed rules. The council also noted that due the lack of \u201csubstantial engagement\u201d on the rules or on the implementation of CIRCIA, the government should narrow covered entities under higher education.<\/p>\n<p>It\u2019s unclear what \u2014 if any \u2014 consequences businesses will face for not submitting a report. The American Hospital Association said that the potential penalty for not complying with the law could be \u201c<a href=\"https:\/\/www.aha.org\/lettercomment\/2024-07-02-aha-responds-cisa-proposed-rule-cyber-incident-reporting-requirements\">vague and potentially severe<\/a>\u201d while also punishing victims.<\/p>\n<p>The American Medical Association <a href=\"https:\/\/www.regulations.gov\/comment\/CISA-2022-0010-0268\">noted<\/a> that CISA should provide additional resources both for organizations that are impacted and required to report and for smaller practices that fall below the threshold. The AMA said \u201cfinancial incentives are most effective when framed as a positive stimulus, as opposed to a penalty.\u201d<\/p>\n<p><strong>Harmonization<\/strong><\/p>\n<p>One of the remits CISA is required to complete is <a href=\"https:\/\/cyberscoop.com\/congress-cybersecurity-harmonization-oncd-report\/\">harmonizing the slew of cyber reporting rules<\/a>. That\u2019s because the law is also meant to eliminate redundancies, red tape built as agencies and regulators separately created cyber reporting rules. The law is also intended to combat increased costs of cyber defenses. <\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>Multiple comments from energy companies \u2014 including the <a href=\"https:\/\/www.regulations.gov\/comment\/CISA-2022-0010-0455\">Edison Electric Institute<\/a>, a trade group representing investment-owned utilities, and <a href=\"https:\/\/www.regulations.gov\/comment\/CISA-2022-0010-0300\">oil and natural gas trade<\/a> associations \u2014 noted that they already have existing regulations that should take precedence. The <a href=\"https:\/\/www.regulations.gov\/comment\/CISA-2022-0010-0389\">Electric Power Supply Association<\/a>, meanwhile, wrote that some cyber reporting rules issued by the North American Electric Reliability Corporation call for quicker reporting times than CIRCIA.<\/p>\n<p>Additionally, <a href=\"https:\/\/www.regulations.gov\/comment\/CISA-2022-0010-0255\">USTelecom \u2013 The Broadband Association<\/a> said that telecommunication members are concerned about the \u201csubstantial resources\u201d needed to \u201ccomply with the patchwork of incident reporting requirements.\u201d The association warned that without streamlining ways to report, they expect the industry to adopt a just-in-case attitude and over-report incidents that could \u201cstrain government resources and be counterproductive for both sides of the public-private partnership.\u201d<\/p>\n<p><strong>Security and sharing<\/strong><\/p>\n<p>One of the more cynical \u2014 if not historically accurate \u2014 trends in the comments was a general questioning of whether the federal government will share information. Comments expressed concern that the government still has an issue with information sharing and questioned whether it could safeguard sensitive information.<\/p>\n<p>The Maritime Transportation System Information Sharing and Analysis Center (MTS-ISAC) <a href=\"https:\/\/www.regulations.gov\/comment\/CISA-2022-0010-0325\">expressed frustration at the proposal<\/a>, writing that the federal government regularly falls victim to \u201ccyber incidents that have leaked more sensitive, classified information\u201d than CISA plans to collect. <\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>The MTS-ISAC also expressed concerns about whether the federal government will share information, noting repeatedly that \u201cthere is no stated commitment for CISA to share \u2014 only to collect.\u201d<\/p>\n<p>The Virginia Port Authority <a href=\"https:\/\/www.regulations.gov\/comment\/CISA-2022-0010-0427\">seemed to agree<\/a>, noting that several times, the organization learned of incidents through the news rather than through established alerting mechanisms.<\/p>\n<p>\u201cFederal agencies are slow to share information and actionable intelligence with ports directly or through industry sharing and analysis groups in a timely manner,\u201d the VPA said.<\/p>\n<p><\/body> <\/p>\n<footer class=\"single-article__footer\" readability=\"1.3695652173913\">\n<div class=\"author-card\" readability=\"9\">\n<div class=\"author-card__avatar\">\n<figure class=\"author-card__image-wrap\"> <img data-recalc-dims=\"1\" decoding=\"async\" class=\"author-card__image\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/07\/critical-infrastructure-organizations-want-cisa-to-dial-back-cyber-reporting-1.jpg?w=640&ssl=1\" alt=\"Christian Vasquez\"> <\/figure>\n<\/p><\/div>\n<p><h4 class=\"author-card__name\">Written by Christian Vasquez<\/h4>\n<p> Christian covers industrial cybersecurity for CyberScoop News. He previously wrote for E&E News at POLITICO covering cybersecurity in the energy sector. Reach out: christian.vasquez at cyberscoop dot com <\/p>\n<\/p><\/div>\n<div class=\"single-article__tags-container\">\n<h4 class=\"single-article__tags-title\">In This Story<\/h4>\n<\/p><\/div>\n<\/footer>\n<p> <\/html><\/div>\n<\/p><\/div>\n<\/p><\/div>\n<div class=\"single-article__ads js-single-article-sidebar\">\n<div class=\"ad ad--sidebar js-single-article-sidebar-5 ad--rightrail_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div class=\"ad ad--sidebar js-single-article-sidebar-4 ad--rightrail_2 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div class=\"ad ad--sidebar js-single-article-sidebar-3 ad--rightrail_3 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div><\/div>\n<\/article>\n<div class=\"popular-stories popular-stories--single-post\">\n<div class=\"popular-stories__container\">\n<h2 class=\"popular-stories__title\"> More Scoops <\/h2>\n<div class=\"popular-stories__stories\">\n<div class=\"popular-stories__cards\">\n<article class=\"post-item post-item--popular-stories-cards \" readability=\"22.026315789474\">\n<figure class=\"post-item__thumbnail\"> <a class=\"post-item__thumbnail-link\" href=\"https:\/\/cyberscoop.com\/homeland-security-cyber-workforce-clearance-process\/\" tabindex=\"-1\"> <img data-recalc-dims=\"1\" loading=\"lazy\" width=\"600\" height=\"332\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/07\/critical-infrastructure-organizations-want-cisa-to-dial-back-cyber-reporting.png?resize=600%2C332&ssl=1\" class=\"attachment-ratio-16-9-md size-ratio-16-9-md wp-post-image\" alt decoding=\"async\" loading=\"lazy\" srcset=\"https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/07\/critical-infrastructure-organizations-want-cisa-to-dial-back-cyber-reporting-1.png 1763w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/07\/critical-infrastructure-organizations-want-cisa-to-dial-back-cyber-reporting-1.png?resize=300,166 300w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/07\/critical-infrastructure-organizations-want-cisa-to-dial-back-cyber-reporting-1.png?resize=768,425 768w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/07\/critical-infrastructure-organizations-want-cisa-to-dial-back-cyber-reporting-1.png?resize=1024,566 1024w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/07\/critical-infrastructure-organizations-want-cisa-to-dial-back-cyber-reporting-1.png?resize=1536,849 1536w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/07\/critical-infrastructure-organizations-want-cisa-to-dial-back-cyber-reporting-1.png?resize=600,332 600w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/07\/critical-infrastructure-organizations-want-cisa-to-dial-back-cyber-reporting-1.png?resize=1200,664 1200w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/07\/critical-infrastructure-organizations-want-cisa-to-dial-back-cyber-reporting-1.png?resize=1500,830 1500w\" sizes=\"auto, (max-width: 600px) 100vw, 600px\"> <\/a><figcaption class=\"screen-reader-text\"> Department of Homeland Security CIO and CAIO Eric Hysen testifies before the House Homeland Security Committee on June 26, 2024, in Washington, D.C. <\/figcaption><\/figure>\n<header class=\"post-item__meta\" readability=\"2.8550185873606\">\n<h3 class=\"post-item__title\"> <a class=\"post-item__title-link\" href=\"https:\/\/cyberscoop.com\/homeland-security-cyber-workforce-clearance-process\/\"> DHS aims to boost cyber ranks by streamlining clearance approvals <\/a> <\/h3>\n<p> A House Homeland Security hearing on filling the cyber workforce gap included discussions on examining top secret clearances, recruitment efforts across educational institutions and more. <\/p>\n<div class=\"post-item__byline\"> <span class=\"post-item__author\"> <span>By <\/span> <a class=\"post-item__author-link\" href=\"https:\/\/cyberscoop.com\/author\/matt-bracken\/\"> Matt Bracken <\/a> <\/span> <\/div>\n<p> <\/header>\n<p> <\/article>\n<article class=\"post-item post-item--popular-stories-cards \">\n<figure class=\"post-item__thumbnail\"> <a class=\"post-item__thumbnail-link\" href=\"https:\/\/cyberscoop.com\/dhs-critical-infrastructure-cyber-priorities\/\" tabindex=\"-1\"> <img data-recalc-dims=\"1\" loading=\"lazy\" width=\"252\" height=\"168\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/07\/critical-infrastructure-organizations-want-cisa-to-dial-back-cyber-reporting-2.jpg?resize=252%2C168&ssl=1\" class=\"attachment-ratio-16-9-sm size-ratio-16-9-sm wp-post-image\" alt decoding=\"async\" loading=\"lazy\" srcset=\"https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/07\/critical-infrastructure-organizations-want-cisa-to-dial-back-cyber-reporting-5.jpg 1920w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/07\/critical-infrastructure-organizations-want-cisa-to-dial-back-cyber-reporting-5.jpg?resize=300,200 300w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/07\/critical-infrastructure-organizations-want-cisa-to-dial-back-cyber-reporting-5.jpg?resize=768,512 768w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/07\/critical-infrastructure-organizations-want-cisa-to-dial-back-cyber-reporting-5.jpg?resize=1024,683 1024w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/07\/critical-infrastructure-organizations-want-cisa-to-dial-back-cyber-reporting-5.jpg?resize=1536,1024 1536w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/07\/critical-infrastructure-organizations-want-cisa-to-dial-back-cyber-reporting-5.jpg?resize=600,400 600w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/07\/critical-infrastructure-organizations-want-cisa-to-dial-back-cyber-reporting-5.jpg?resize=252,168 252w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/07\/critical-infrastructure-organizations-want-cisa-to-dial-back-cyber-reporting-5.jpg?resize=506,337 506w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/07\/critical-infrastructure-organizations-want-cisa-to-dial-back-cyber-reporting-5.jpg?resize=1013,675 1013w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/07\/critical-infrastructure-organizations-want-cisa-to-dial-back-cyber-reporting-5.jpg?resize=1265,843 1265w\" sizes=\"auto, (max-width: 252px) 100vw, 252px\"> <\/a><figcaption class=\"screen-reader-text\"> U.S. Secretary of Homeland Security Alejandro Mayorkas testifies during a hearing before the House Committee on the Judiciary at Rayburn House Office Building on July 26, 2023 on Capitol Hill in Washington, DC. (Photo by Alex Wong\/Getty Images) <\/figcaption><\/figure>\n<header class=\"post-item__meta\">\n<h3 class=\"post-item__title\"> <a class=\"post-item__title-link\" href=\"https:\/\/cyberscoop.com\/dhs-critical-infrastructure-cyber-priorities\/\"> DHS releases critical infrastructure priorities for next two years <\/a> <\/h3>\n<div class=\"post-item__byline\"> <span class=\"post-item__author\"> <span>By <\/span> <a class=\"post-item__author-link\" href=\"https:\/\/cyberscoop.com\/author\/cvasquez\/\"> Christian Vasquez <\/a> <\/span> <\/div>\n<p> <\/header>\n<p> <\/article>\n<article class=\"post-item post-item--popular-stories-cards \">\n<figure class=\"post-item__thumbnail\"> <a class=\"post-item__thumbnail-link\" href=\"https:\/\/cyberscoop.com\/picketed-at-work-confronted-at-church-why-election-workers-have-left-the-job\/\" tabindex=\"-1\"> <img data-recalc-dims=\"1\" loading=\"lazy\" width=\"252\" height=\"168\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/07\/critical-infrastructure-organizations-want-cisa-to-dial-back-cyber-reporting-3.jpg?resize=252%2C168&ssl=1\" class=\"attachment-ratio-16-9-sm size-ratio-16-9-sm wp-post-image\" alt decoding=\"async\" loading=\"lazy\" srcset=\"https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/07\/critical-infrastructure-organizations-want-cisa-to-dial-back-cyber-reporting-6.jpg 4000w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/07\/critical-infrastructure-organizations-want-cisa-to-dial-back-cyber-reporting-6.jpg?resize=300,200 300w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/07\/critical-infrastructure-organizations-want-cisa-to-dial-back-cyber-reporting-6.jpg?resize=768,512 768w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/07\/critical-infrastructure-organizations-want-cisa-to-dial-back-cyber-reporting-6.jpg?resize=1024,683 1024w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/07\/critical-infrastructure-organizations-want-cisa-to-dial-back-cyber-reporting-6.jpg?resize=1536,1024 1536w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/07\/critical-infrastructure-organizations-want-cisa-to-dial-back-cyber-reporting-6.jpg?resize=2048,1366 2048w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/07\/critical-infrastructure-organizations-want-cisa-to-dial-back-cyber-reporting-6.jpg?resize=600,400 600w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/07\/critical-infrastructure-organizations-want-cisa-to-dial-back-cyber-reporting-6.jpg?resize=252,168 252w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/07\/critical-infrastructure-organizations-want-cisa-to-dial-back-cyber-reporting-6.jpg?resize=505,337 505w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/07\/critical-infrastructure-organizations-want-cisa-to-dial-back-cyber-reporting-6.jpg?resize=1012,675 1012w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/07\/critical-infrastructure-organizations-want-cisa-to-dial-back-cyber-reporting-6.jpg?resize=1264,843 1264w\" sizes=\"auto, (max-width: 252px) 100vw, 252px\"> <\/a><figcaption class=\"screen-reader-text\"> Protesters call for a \u201cforensic audit\u201d of the 2020 presidential election, during a demonstration by a group called Election Integrity Fund and Force, outside of the Michigan State Capitol in Lansing on Oct. 12, 2021. (Photo by JEFF KOWALSKY\/AFP via Getty Images) <\/figcaption><\/figure>\n<header class=\"post-item__meta\">\n<h3 class=\"post-item__title\"> <a class=\"post-item__title-link\" href=\"https:\/\/cyberscoop.com\/picketed-at-work-confronted-at-church-why-election-workers-have-left-the-job\/\"> Picketed at work, confronted at church: Why election workers have left the job <\/a> <\/h3>\n<div class=\"post-item__byline\"> <span class=\"post-item__author\"> <span>By <\/span> <a class=\"post-item__author-link\" href=\"https:\/\/cyberscoop.com\/author\/derek-johnson\/\"> Derek B. Johnson <\/a> <\/span> <\/div>\n<p> <\/header>\n<p> <\/article>\n<\/p><\/div>\n<\/p><\/div>\n<p> <\/div>\n<p>\n<\/div>\n<p> <\/p>\n<section class=\"latest-podcasts\">\n<h2 class=\"latest-podcasts__title\"> Latest Podcasts\t<\/h2>\n<\/section>\n<div class=\"top-categories\">\n<div class=\"top-categories__container\">\n<h3 class=\"top-categories__category-title\">Government<\/h3>\n<\/p><\/div>\n<div class=\"top-categories__container\">\n<h3 class=\"top-categories__category-title\">Technology<\/h3>\n<\/p><\/div>\n<div class=\"top-categories__container\">\n<h3 class=\"top-categories__category-title\">Geopolitics<\/h3>\n<\/p><\/div>\n<\/p><\/div>\n<p> <\/main> <\/p>\n<div class=\"ad ad--bottom \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div id=\"interstitial\" class=\"welcome__container\"> <button id=\"close-modal-1\" class=\"welcome__clickable_area\"><\/button> <\/p>\n<div class=\"welcome__ad_wrapper\">\n<p> <button id=\"close-modal-3\" class=\"welcome__continue-button\">Continue to CyberScoop<\/button> <\/p>\n<\/p><\/div>\n<\/p><\/div>\n<p>   <\/body> <a href=\"https:\/\/cyberscoop.com\/cisa-cyber-reporting-circia-2024\/\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Critical infrastructure organizations want CISA to dial back cyber reporting<\/p>\n","protected":false},"author":11,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[1794,452,293,117,962,439],"tags":[1795,454,299,119,963,443],"class_list":["post-4348","post","type-post","status-publish","format-standard","hentry","category-circia","category-cybersecurity-and-infrastructure-security-agency-cisa","category-department-of-homeland-security-dhs","category-government","category-incident-reporting","category-policy","tag-circia","tag-cybersecurity-and-infrastructure-security-agency-cisa","tag-department-of-homeland-security-dhs","tag-government","tag-incident-reporting","tag-policy"],"featured_image_urls":{"full":"","thumbnail":"","medium":"","medium_large":"","large":"","1536x1536":"","2048x2048":"","chromenews-featured":"","chromenews-large":"","chromenews-medium":""},"author_info":{"display_name":"Cyber Scoop","author_link":"https:\/\/ddi.mohflo.net\/index.php\/author\/cyberscoop\/"},"category_info":"<a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/circia\/\" rel=\"category tag\">CIRCIA<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/cybersecurity-and-infrastructure-security-agency-cisa\/\" rel=\"category tag\">Cybersecurity and Infrastructure Security Agency (CISA)<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/department-of-homeland-security-dhs\/\" rel=\"category tag\">Department of Homeland Security (DHS)<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/government\/\" rel=\"category tag\">Government<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/incident-reporting\/\" rel=\"category tag\">incident reporting<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/policy\/\" rel=\"category tag\">Policy<\/a>","tag_info":"Policy","comment_count":"0","jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/4348","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/users\/11"}],"replies":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/comments?post=4348"}],"version-history":[{"count":0,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/4348\/revisions"}],"wp:attachment":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/media?parent=4348"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/categories?post=4348"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/tags?post=4348"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}

{"id":4348,"date":"2024-07-08T13:39:45","date_gmt":"2024-07-08T18:39:45","guid":{"rendered":"https:\/\/cyberscoop.com\/?p=80941"},"modified":"2024-07-08T13:39:45","modified_gmt":"2024-07-08T18:39:45","slug":"critical-infrastructure-organizations-want-cisa-to-dial-back-cyber-reporting","status":"publish","type":"post","link":"https:\/\/ddi.mohflo.net\/index.php\/2024\/07\/08\/critical-infrastructure-organizations-want-cisa-to-dial-back-cyber-reporting\/","title":{"rendered":"Critical infrastructure organizations want CISA to dial back cyber reporting"},"content":{"rendered":"