CISA Listening Sessions
International Liquid Terminals Association
  • Join
News & ResourcesGovernment Affairs Brief

Government Affairs Brief

Advocacy never slows down. This monthly brief is your window into what ILTA is tracking, influencing, and advancing, so you can stay informed on the issues shaping our industry.

Michael Stroud
/ Categories: ILTA News Articles

CISA Listening Sessions

CISA, Can You Hear Me?

This is not a new take on the popular children’s move song, but rather the position that the U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) is taking with the public regarding cybersecurity regulations. CISA is hosting a series of public listening sessions to gather public input on implementing regulations requiring covered entities to report covered cyber incidents and ransomware payments to CISA. The public listening sessions are being held in the following locations and at the following places https://www.cisa.gov/circia

In 2022, the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA), was passed and enacted. The CIRCIA builds on previous legislation that creates a cyber incident reporting function at CISA. The CIRCIA legislation requires the reporting of cyber incidents that impact covered entities in the critical infrastructure sectors identified by Presidential Policy Directive 21. The term covered entities remains to be defined and is part of the rulemaking that is underway.

The proposed regulations are designed to help CISA understand the important issues for industry and relevant stakeholders. These reports will allow CISA to rapidly deploy resources and render assistance to victims suffering attacks, analyze incoming reporting across sectors to spot trends, and quickly share that information with network defenders to warn other potential victims. CISA is particularly interested in input on definitions for and interpretations of the terminology to be used in the proposed regulations, as well as the form, manner, content, and procedures for submission of reports required under CIRCIA. 

In addition, CISA is also interested in information regarding other incident reporting requirements and other policies and procedures, such as enforcement procedures and information protection policies, that will be required for implementation of the regulations. CISA is seeking comments and input either in the form of public testimony and/or written comments. All comments for the preliminary process are due by November 14, 2022.

Previous Article ILTA Environment, Health, Safety, and Security Committee Meetings Held in Boston
Next Article EPA Proposes “Superfund” Designation of PFOA and PFOS
Print
509 Rate this article:
No rating
Please login or register to post comments.
International Liquid Terminals Association
  • Join