Groups urge CISA to develop simple mechanism for cyber incident reporting

There are a range of viewpoints on how the Cybersecurity and Infrastructure Security Agency should craft forthcoming cyber incident reporting regulations. But one common refrain amid the debates over who should be required to report and what exactly constitutes a reportable incident: CISA should develop a simple mechanism that makes it easy for organizations across 16 critical infrastructure sectors to report cyber incidents within the 72-hour window required under the law.