CIRCIA Rulemaking: Double Incident Reporting for the DIB - podcast episode cover

CIRCIA Rulemaking: Double Incident Reporting for the DIB

Sum IT Up: CMMC News Roundup
Apr 18, 202445 min
--:--
--:--
Listen in podcast apps:
Apple Podcasts
Spotify
Download
YouTube
Overcast
Pocket Casts
Episodes.fm
Download Metacast podcast app
Listen to this episode in Metacast mobile app
Don't just listen to podcasts. Learn from them with transcripts, summaries, and chapters for every episode. Skim, search, and bookmark insights. Learn more

Episode description

Defense contractors have had cyber incident reporting obligations under DFARS clause 252.204-7012 for many years. Recently, however, CISA issued a 457-page proposed rule implementing the 2022 Cyber Incident Reporting for Critical Infrastructure Act. Unless CISA and DoD can reach an agreement, DIB contractors will have duplicative incident reporting obligations for two different agencies.

Episode Links:

CIRCIA Proposed Rule: https://www.federalregister.gov/documents/2024/04/04/2024-06526/cyber-incident-reporting-for-critical-infrastructure-act-circia-reporting-requirements

Congressional Research Service Report (PDF): https://crsreports.congress.gov/product/pdf/R/R48025

How to submit effective comments: https://youtu.be/1T_62cYiUA4?si=sp91i_cXFGiyD7JW

For the best experience, listen in Metacast app for iOS or Android