View Rule

View EO 12866 Meetings

Printer-Friendly Version Download RIN Data in XML

DHS/CISA

RIN: 1670-AA04

Publication ID: Fall 2023

Title: Cyber Incident Reporting for Critical Infrastructure Act Regulations
Abstract: The Cybersecurity and Infrastructure Security Agency (CISA) will propose regulations to implement certain aspects of the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA). Specifically, CIRCIA directs CISA to develop and implement regulations requiring covered entities to submit reports to CISA regarding covered cyber incidents and ransom payments. CIRCIA requires CISA to publish a Notice of Proposed Rulemaking (NPRM) within 24 months of the date of enactment of CIRCIA as part of the process for developing these regulations. CISA previously issued a Request for Information on September 12, 2022, and held a series of listening sessions seeking public input on potential aspects of the proposed regulation prior to publication of the NPRM.
Agency: Department of Homeland Security(DHS)	Priority: Other Significant
RIN Status: Previously published in the Unified Agenda	Agenda Stage of Rulemaking: Proposed Rule Stage
Major: Undetermined	Unfunded Mandates: Undetermined
CFR Citation: 6 CFR 26
Legal Authority: 6 U.S.C. 681 et seq.

Legal Deadline:

Action	Source	Description	Date
NPRM	Statutory	Notice of Proposed Rulemaking	03/15/2024
Final	Statutory	Final Rule	09/15/2025

Timetable:

Action	Date	FR Cite
NPRM	03/00/2024

Regulatory Flexibility Analysis Required: Undetermined	Government Levels Affected: Undetermined
Federalism: Undetermined
Included in the Regulatory Plan: No
RIN Information URL: https://www.regulations.gov	Public Comment URL: https://www.regulations.gov
RIN Data Printed in the FR: No
Agency Contact: Todd Klessman CIRCIA Rulemaking Team Lead Department of Homeland Security Cybersecurity and Infrastructure Security Agency CISA - CHR Mailstop 0609, 1310 N Courthouse Road, Arlington, VA 20598-0609 Phone:202 964-6869 Email: circia@cisa.dhs.gov