CISA extends comment period for proposed rule on cyber incident reporting
The Cybersecurity and Infrastructure Security Agency May 3 extended the comment period to July 3 for the April 4 proposed rule that would implement cyber incident and ransom payment reporting requirements under the Cyber Incident Reporting for Critical Infrastructure Act of 2022. The rule would require critical infrastructure organizations, including hospitals and health systems, to report a covered cyber incident to the federal government within 72 hours and ransom payments within 24 hours, among other requirements.
Related News Articles
Headline
Microsoft announced May 19 that it disrupted operations of Fox Tempest, a threat actor operating as a malware-signing-as-a-service used by cybercriminals to…
Headline
An AHA Cyber & Risk Intel blog by John Riggi, AHA national advisor for cybersecurity and risk, explores what health care leaders need to consider to reduce…
AHA Cyber Intel
Cyberattacks against hospitals, health systems and mission-critical health care third-party providers have surged in recent years. While these attacks often…
Headline
Microsoft Threat Intelligence is warning of a large scale, multistage phishing campaign that disproportionately targeted the health care sector, sending “code…
Headline
The Cybersecurity and Infrastructure Security Agency has launched a new initiative for critical infrastructure to defend against cyberattacks through proactive…
Headline
John Riggi, AHA national advisor for cybersecurity and risk, will moderate a webinar May 5 at 1 p.m. ET that will explore how bad actors are leveraging…