The Cybersecurity and Infrastructure Security Agency has unveiled a draft cyber incident disclosure rule created under the Cyber Incident Reporting for Critical Infrastructure Act that would mandate organizations part of the 16 designated critical infrastructure sectors to report ransomware incidents and payments within a 72-hour and 24-hour period, respectively, according to CyberScoop.
Article Link: New CISA cyber incident reporting draft unveiled | SC Media