The Cybersecurity and Infrastructure Security Agency (CISA) has introduced a new CISA Services Portal to streamline the process of reporting cyber incidents, preparing for upcoming mandatory reporting requirements set to take effect next year. Launched recently, the portal features enhanced functionalities, such as integration with Login.gov credentials, allowing users to save and update reports, share information with third parties, and effectively search and filter through reports. Additionally, the portal offers the ability for users to engage in informal conversations with CISA officials, providing a direct line of communication that aims to assist organizations in navigating the complexities of cyber incidents.
In a statement regarding the importance of reporting cyber incidents, Jeff Greene, CISA’s executive assistant director for cybersecurity, stressed that organizations should report any cyber attacks they experience. He pointed out that reporting is essential not only for the organization’s benefit but also for the collective good of the broader community. Greene noted that CISA and government partners possess unique tools and resources for aiding in response and recovery; however, they can only provide this assistance if they are made aware of incidents. Sharing information about cyber threats allows CISA to better understand adversarial tactics and help prevent attackers from employing the same methods against other victims.
The launch of the new reporting portal comes at a critical time as CISA prepares to implement the Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA). This landmark legislation will require organizations across 16 critical infrastructure sectors to report significant cyber incidents to CISA within 72 hours and ransomware attacks within 24 hours. CISA has released proposed rules for this act, which is estimated to affect over 300,000 organizations, leading to a predicted influx of at least 25,000 incident reports in the first year alone. To handle this anticipated increase in reporting, CISA plans to hire more personnel and enhance its technological capabilities.
To further support CIRCIA, CISA is working to synchronize the new reporting requirements with existing regulations, which often target specific sectors such as defense or finance. The Department of Homeland Security’s 2023 report highlighted the numerous existing incident reporting rules and advocated for the adoption of a common incident reporting form and standardized definitions for reportable incidents. CISA officials have expressed their intent to make compliance with CIRCIA as smooth as possible for the private sector, emphasizing that their goal is to assist rather than burden organizations that have already faced cyber attacks. Director Jen Easterly has reiterated that CIRCIA is not about assigning blame but rather about providing aid while ensuring that critical information is shared to enhance the collective security of all stakeholders involved.
Reference:
