CIRCIA Reporting Requirements
- Report covered cyber incidents within 72 hours
- Within 24 hours, report ransom payments
- 72-hour reporting deadline for covered cyber incidents by covered entities
With Game of Thrones (GOT) averaging a weekly viewership that accounts for over 10% of the U.S. population, many have heard of Cersei Lannister, Queen of the Seven Kingdoms of Westeros. GOT fans are well acquainted with the tyrannical nature of the beautiful, driven, intelligent ruler whose cruelty spanned all eight (8) seasons.
Cersei and CIRCIA may sound similar, but Americans can rest assured that the only commonality shared between the villain pop culture loves to hate and the latest law on cyber incidents is a no-nonsense intolerance towards achieving their respective goals.
CIRCIA stands for Cyber Incident Reporting for Critical Infrastructure Act of 2022. It is a Federal law signed by President Biden and the U.S. Federal Government in March 20221. The law focuses on reporting requirements related to cybersecurity incidents and ransomware payments. Covered entities in critical infrastructure will now be required to register incidents and charges within specified time frames to the Cybersecurity and Infrastructure Security Agency (CISA).
Covered Cyber Incident: An event that impacts a covered entity's integrity, confidentiality, and security.
Covered Entity: A company whose activities are in a critical infrastructure sector listed by CISA.
CIRCIA aims to establish a global collaborative framework to address cyber threats effectively, considering the alarming frequency of cyber incidents. According to data from the Department of Defense's2 Cyber Security Service Providers, approximately 12,000 cyber incidents were reported from 2015 to 2021.
Rulemaking and oversight responsibility is tasked to the Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA), which is expected to finalize and enforce rules no later than September 2025. These organizations include financial services, industrial, technology, energy, transportation, communication, healthcare, education, and public sectors. Covered entities may comprise all 16 industries critical to national security, economic stability, public health, and safety identified in Presidential Policy Directive 21 (PPD-21).
CIRCIA aims to ensure cyber response plans and teams collaborate effectively, respond resiliently, and recover rapidly from cyber incidents. In preparation for CIRCIA, Federal agencies must take several key actions, including:
CIRCIA, CISO, and the U.S. Federal Government
CIRCIA, in collaboration with the U.S. Federal Government and its agencies, establishes a collective approach to cybersecurity and incident response. The Cybersecurity and Infrastructure Security Office (CISO), as part of CISA, plays a pivotal role in overseeing and guiding incident response efforts across Federal agencies. Together, they work towards fostering a secure and resilient digital landscape, ensuring the protection of critical infrastructure, sensitive information, and public services. By promoting collaboration, information sharing, and standardized incident response procedures, CIRCIA and CISO aim to counter cyber threats effectively and safeguard the nation's cybersecurity interests.
DX360°® Cyber Incident Reporter is a game-changer in cybersecurity, providing agencies with a powerful tool to enhance their incident response capabilities. Integrated with Login.gov, it offers real-time information collection and a user-friendly dashboard for monitoring and tracking incidents. This tool ensures timely transparency, secure and detailed dashboards for analysis, and aids in efficient investigation and trend discovery. With this, agencies can significantly improve their efficiency and effectiveness in responding to and investigating cyber incidents.
What's our distinctive edge?
DX360°® Cyber Incident Reporter improves the organization’s cyber incident capability and enables CIRCIA compliance without the administrative burden and expensive overhead. It automates cyber incident reporting, tracking, and managing incidents; scales the capacity of cyber incident detection; and improves our nation’s visibility and responsiveness to cyber threats.
The DX360°® Cyber Incident Reporter difference:
While we can’t say Cersei is the best fit for the iron throne, CIRCIA is what our nation needs against cyber threats.
Request a personalized demo with us today to get started on establishing your agency’s stronghold.
NetImpact Strategies, Inc. (NetImpact) is a digital transformation disruptor solving today's challenges for our clients while readying them to capitalize on tomorrow's opportunities.
NetImpact partners with customer agencies to deliver high-performance, secure digital solutions to transform operations and accelerate mission outcomes. Our comprehensive Digital Transformation 360°™ (DX360°®) capabilities empower our clients in harnessing technology to bring their strategic vision to reality and achieve impactful and lasting value.