{"id":191404,"date":"2026-02-27T17:59:00","date_gmt":"2026-02-27T22:59:00","guid":{"rendered":"https:\/\/testing.news-you-need.com\/index.php\/2026\/02\/27\/cisa-set-to-receive-feedback-on-landmark-cyber-incident-reporting-rules\/"},"modified":"2026-02-27T18:40:10","modified_gmt":"2026-02-27T23:40:10","slug":"cisa-set-to-receive-feedback-on-landmark-cyber-incident-reporting-rules","status":"publish","type":"post","link":"https:\/\/testing.news-you-need.com\/index.php\/2026\/02\/27\/cisa-set-to-receive-feedback-on-landmark-cyber-incident-reporting-rules\/","title":{"rendered":"CISA set to receive feedback on landmark cyber incident reporting rules"},"content":{"rendered":"

CISA set to receive feedback on landmark cyber incident reporting rules<\/a><\/p>\n

https:\/\/federalnewsnetwork.com\/cybersecurity\/2026\/02\/cisa-set-to-receive-feedback-on-landmark-cyber-incident-reporting-rules\/<\/a><\/p>\n

Publish Date: 2026-02-27 17:59:00<\/a><\/p>\n

Source Domain: federalnewsnetwork.com<\/a><\/p>\n

Author: <\/a><\/p>\n

Using an unordered list, summarize the following article with between 4 and 8 key points. <\/p>\n

CISA’s upcoming townhalls on the “CIRCIA” rule is likely to re-surface a lot of industry consternation about the sweeping cyber incident reporting requirements.<\/p>\n

Justin Doubleday@jdoubledayWFED<\/p>\n

February 27, 2026 5:56 pm <\/p>\n

3 min read <\/p>\n

The Cybersecurity and Infrastructure Security Agency is likely to get plenty of feedback in the coming month on tightening definitions, clarifying timelines and potentially narrowing the scope of who exactly must report cyber incidents under a landmark cyber incident reporting law.
\nCISA earlier this month announced plans to host a series of \u201ctownhalls\u201d through March and early April to get feedback on the rulemaking for the Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA). The cyber agency released a notice of proposed rulemaking for CIRCIA in 2024, but the finalization of that rule has stalled as the Trump administration considers changes to the reporting requirements.
\nCISA said the townhall would provide a \u201ca limited additional opportunity to provide input on refining the scope and burden\u201d of the CIRCIA rule.
\nIn a Feb. 17 note to clients, lawyers with Mayer Brown wrote that the CIRCIA rulemaking \u201chas significant implications for companies across many sectors,\u201d adding that \u201ccompanies would be wise to view this notice as a signal that the CIRCIA rulemaking is moving forward once more.\u201d]]><\/p>\n

\u201cCompanies should be prepared to revisit their assessments of CIRCIA\u2019s potential impact on their cyber incident response processes to ensure that they are well-positioned to respond if CISA does go forward with a final rule in the coming months,\u201d they wrote.
\nThe incident reporting requirements cut across the 16 critical infrastructure sectors. The law generally requires critical infrastructure organizations to report \u201csignificant\u201d cyber incidents to CISA within 72 hours.
\nBut Congress gave CISA wide latitude to define the specifics of the cyber incident reporting regulations.
\nMany industry groups criticized the proposed rule CISA released in 2024 for being too broad in defining what organizations should report cyber incidents to CISA. In the NPRM, the agency estimated the rules will apply to about 300,000 organizations across the country.
\nCaleb Skeath, a partner at the law firm Covington, said CISA is trying to strike the right balance when it comes to defining which organizations should have to report cyber incidents to the agency.
\n\u201cPart of the reasoning and thinking for getting this information through an incident reporting requirement is to give CISA a certain degree of visibility across the threat ecosystem, so it\u2019s not necessarily with as much of an enforcement focus as some of the other cyber incident reporting frameworks that we see,\u201d Skeath told Federal News Network. \u201cIn that regards, it\u2019s understandable there might be an interest in going fairly broad.\u201d
\nBut, Skeath added, it can be \u201ca double edged sword in certain respects, because if you go too broad, you might end up with more information than you can readily process or absorb.\u201d]]><\/p>\n

Many organizations also criticized how the proposed rule defines a \u201csubstantial cyber incident\u201d that must be reported to CISA within 72 hours. The American Hospital Association, for instance, said the rule\u2019s definition was \u201cambiguous, confusing and does not adequately consider the operational realities or complex interconnectedness of the field.\u201d
\nIn its Federal Register notice announcing the town halls this month, CISA acknowledged issues like the scope of entities covered by the rule and what exactly constitutes a covered cyber incident as \u201ctopics of interest\u201d for the upcoming discussions.
\n\u201cCISA welcomes any specific, actionable improvements that CISA could implement in the final rule to clarify or reduce burden of CIRCIA\u2019s regulatory requirements while enhancing the federal government\u2019s visibility into the cyber threat landscape for critical infrastructure sectors,\u201d acting CISA Director Madhu Gottumukkala wrote in the notice.
\n Copyright
\n \u00a9\u00a02026 Federal News Network. All rights reserved. This website is not intended for users located within the European Economic Area.<\/p>\n

<\/p>\n","protected":false},"excerpt":{"rendered":"

CISA set to receive feedback on landmark cyber incident reporting rules https:\/\/federalnewsnetwork.com\/cybersecurity\/2026\/02\/cisa-set-to-receive-feedback-on-landmark-cyber-incident-reporting-rules\/ Publish Date: 2026-02-27…<\/p>\n","protected":false},"author":1,"featured_media":191405,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/federalnewsnetwork.com\/wp-content\/uploads\/2024\/01\/CISA-agency.jpg","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[24],"class_list":["post-191404","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-cybersecurity"],"_links":{"self":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/191404"}],"collection":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=191404"}],"version-history":[{"count":1,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/191404\/revisions"}],"predecessor-version":[{"id":191406,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/191404\/revisions\/191406"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/191405"}],"wp:attachment":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=191404"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=191404"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=191404"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}