{"abstract":"The Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA), as amended, requires the Cybersecurity and Infrastructure Security Agency (CISA) to promulgate regulations implementing the statute's covered cyber incident and ransom payment reporting requirements for covered entities. CISA seeks comment on the proposed rule to implement CIRCIA's requirements and on several practical and policy issues related to the implementation of these new reporting requirements.","action":"Proposed rule.","agencies":[{"raw_name":"DEPARTMENT OF HOMELAND SECURITY","name":"Homeland Security Department","id":227,"url":"https://www.federalregister.gov/agencies/homeland-security-department","json_url":"https://www.federalregister.gov/api/v1/agencies/227","parent_id":null,"slug":"homeland-security-department"}],"body_html_url":"https://www.federalregister.gov/documents/full_text/html/2024/04/04/2024-06526.html","cfr_references":[{"chapter":null,"citation_url":null,"part":"226","title":6}],"citation":"89 FR 23644","comment_url":null,"comments_close_on":"2024-06-03","correction_of":null,"corrections":[],"dates":"Comments and related material must be submitted on or before June 3, 2024.","disposition_notes":null,"docket_ids":["Docket No. CISA-2022-0010"],"dockets":[{"supporting_documents":[{"title":"Tribal-ISAC CIRCIA Response 2","document_id":"CISA-2022-0010-0479"},{"title":"USET SPF Comments to DHS on CIRCIA NPRM_FINAL_01_15_25","document_id":"CISA-2022-0010-0477"},{"title":"Bristol Bay Native Corporation_CIRCIA Comments","document_id":"CISA-2022-0010-0476"},{"title":"2 Dec 2024 Tribal Consultation Transcript (FINAL)","document_id":"CISA-2022-0010-0475"},{"title":"3 Dec 2024 Tribal Consultation Transcript (FINAL)","document_id":"CISA-2022-0010-0473"},{"title":"Yocha Dehe Wintun Nation_CIRCIA Comments","document_id":"CISA-2022-0010-0472"},{"title":"Nisqually Red Wind Casino_CIRCIA Comments","document_id":"CISA-2022-0010-0471"},{"title":"Cherokee Nation_CIRCIA Comments","document_id":"CISA-2022-0010-0470"},{"title":"CIRCIA Proposed Privacy and Civil Liberties Guidance","document_id":"CISA-2022-0010-0165"},{"title":"CIRCIA RIA","document_id":"CISA-2022-0010-0164"}],"agency_name":"CISA","documents":[{"comment_count":300,"comment_start_date":"2024-04-04","updated_at":"2024-09-03T16:51:21.869-04:00","comment_url":"https://www.regulations.gov/commenton/CISA-2022-0010-0163","allow_late_comments":false,"id":"CISA-2022-0010-0163","comment_end_date":"2024-07-04","regulations_dot_gov_open_for_comment":false}],"supporting_documents_count":40,"id":"CISA-2022-0010","title":"Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA) Reporting Requirements"}],"document_number":"2024-06526","effective_on":null,"end_page":23776,"executive_order_notes":null,"executive_order_number":null,"explanation":null,"full_text_xml_url":"https://www.federalregister.gov/documents/full_text/xml/2024/04/04/2024-06526.xml","html_url":"https://www.federalregister.gov/documents/2024/04/04/2024-06526/cyber-incident-reporting-for-critical-infrastructure-act-circia-reporting-requirements","images":{},"images_metadata":{},"json_url":"https://www.federalregister.gov/api/v1/documents/2024-06526?publication_date=2024-04-04","mods_url":"https://www.govinfo.gov/metadata/granule/FR-2024-04-04/2024-06526/mods.xml","not_received_for_publication":null,"page_length":133,"page_views":{"count":30000,"last_updated":"2026-05-29 12:15:10 -0400"},"pdf_url":"https://www.govinfo.gov/content/pkg/FR-2024-04-04/pdf/2024-06526.pdf","presidential_document_number":null,"proclamation_number":null,"public_inspection_pdf_url":"https://public-inspection.federalregister.gov/2024-06526.pdf?1711543528","publication_date":"2024-04-04","raw_text_url":"https://www.federalregister.gov/documents/full_text/text/2024/04/04/2024-06526.txt","regulation_id_number_info":{"1670-AA04":{"issue":"202504","html_url":"https://www.federalregister.gov/regulations/1670-AA04/cyber-incident-reporting-for-critical-infrastructure-act-circia-reporting-requirements","title":"Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA) Reporting Requirements","xml_url":"http://www.reginfo.gov/public/do/eAgendaViewRule?pubId=202504&RIN=1670-AA04&operation=OPERATION_EXPORT_XML","priority_category":"Economically Significant"}},"regulation_id_numbers":["1670-AA04"],"regulations_dot_gov_info":{"supporting_documents":[{"title":"Tribal-ISAC CIRCIA Response 2","document_id":"CISA-2022-0010-0479"},{"title":"USET SPF Comments to DHS on CIRCIA NPRM_FINAL_01_15_25","document_id":"CISA-2022-0010-0477"},{"title":"Bristol Bay Native Corporation_CIRCIA Comments","document_id":"CISA-2022-0010-0476"},{"title":"2 Dec 2024 Tribal Consultation Transcript (FINAL)","document_id":"CISA-2022-0010-0475"},{"title":"3 Dec 2024 Tribal Consultation Transcript (FINAL)","document_id":"CISA-2022-0010-0473"},{"title":"Yocha Dehe Wintun Nation_CIRCIA Comments","document_id":"CISA-2022-0010-0472"},{"title":"Nisqually Red Wind Casino_CIRCIA Comments","document_id":"CISA-2022-0010-0471"},{"title":"Cherokee Nation_CIRCIA Comments","document_id":"CISA-2022-0010-0470"},{"title":"CIRCIA Proposed Privacy and Civil Liberties Guidance","document_id":"CISA-2022-0010-0165"},{"title":"CIRCIA RIA","document_id":"CISA-2022-0010-0164"}],"comments_count":300,"agency_id":"CISA","comments_url":"https://www.regulations.gov/docketBrowser?rpp=50&so=DESC&sb=postedDate&po=0&dct=PS&D=CISA-2022-0010","supporting_documents_count":40,"docket_id":"CISA-2022-0010","document_id":"CISA-2022-0010-0163","regulation_id_number":null,"title":"Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA) Reporting Requirements","checked_regulationsdotgov_at":"2024-07-13T01:00:06Z"},"regulations_dot_gov_url":null,"significant":true,"signing_date":null,"start_page":23644,"subtype":null,"title":"Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA) Reporting Requirements","toc_doc":"Cyber Incident Reporting for Critical Infrastructure Act","toc_subject":null,"topics":["Computer technology","Critical infrastructure","Internet","Reporting and recordkeeping requirements"],"type":"Proposed Rule","volume":89}