CIRCIA

CIRCIA INTRODUCES STRICT CYBER INCIDENT REPORTING REQUIREMENTS IN THE EVENT OF A BREACH. ARE YOU PREPARED?

With the passage of the Cyber Incident Reporting for Critical Industries Act (CIRCIA), any business deemed as critical infrastructure must now report a data breach to the federal government within 72 hours. A ransomware payment must be reported within 24 hours. Hopefully, you’ll never have anything to report. If you do, you’ll want tools like Portnox’s cloud-native NAC in place to keep you in compliance.

Start A Free Trial

Adapting to change: How NAC supports CIRCIA requirements.

Restricting Network Access for Authorized Devices

Keeping your network safe starts with controlling risk – and controlling risk starts with controlling access. Portnox Cloud features robust access control to identify and block unauthorized devices from accessing the network. From pre-connect authorization via the gold-standard 802.1x security protocol to microsegmentation and risk scoring, NAC helps to prevent unauthorized access to sensitive data and systems.

Enforcing least privilege

A key aspect of comprehensive access control is the concept of least privilege. Network resources should only be accessed by those who need them to do their jobs. For instance, your HR staff shouldn’t have access to your gateway router, and your IT staff should not have access to financial resources. Portnox Cloud can be used to enforce least privilege access control which not only reduces lateral movement through network but also helps keep your critical assets safe.

Incident Response and Reporting

The bread and butter of the new CIRCIA rules is incident response and reporting. NAC can generate reports and logs that can be used for incident documentation and reporting. Portnox Cloud offers comprehensive reporting and alerting so you’re always on top of what’s happening on your network. Portnox Cloud can assist in incident response by quickly isolating compromised devices from the network, thus limiting the spread of threats and containing potential damage.

Product Brief

CIRCIA is an evolving landscape. NAC can help you keep up.

Although most of the requirements spelled out in CIRCIA around reporting took effect in 2022, there are still further changes coming down the pipe. CIRCIA requires CISA (the Cybersecurity & Infrastructure Security Agency) to publish proposed rulemaking and solicit public feedback at regular intervals, which means security professionals everywhere will get the opportunity to weigh in on future policies. Whatever is coming down the path, Portnox Cloud can help you stay compliant and safe.

Download Product Brief

Frequently asked questions about the NCUA ACET.

What is CIRCIA?

The Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA) is a US federal law that requires critical infrastructure organizations to report certain cyber incidents and ransomware payments to the Cybersecurity and Infrastructure Security Agency (CISA). The law was signed into effect by President Biden in March 2022 and is currently in the rulemaking process.

CIRCIA covers a wide range of critical infrastructure sectors, including energy, finance, transportation, healthcare, and communications. Covered entities are required to report certain cyber incidents within 72 hours of having a reasonable belief that the incident has occurred, and ransomware payments within 24 hours of making the payment.

CISA will use the information reported under CIRCIA to improve its understanding of cyber threats and vulnerabilities, develop and implement mitigation strategies, and coordinate with other federal agencies and critical infrastructure organizations to respond to cyber incidents.

CIRCIA is a significant step forward in improving the cybersecurity of critical infrastructure in the United States. By requiring covered entities to report cyber incidents and ransomware payments, CIRCIA will give CISA the information it needs to better protect critical infrastructure from cyberattacks.

Here are some of the benefits of CIRCIA:

Improved situational awareness: CISA will have a better understanding of the cyber threats and vulnerabilities facing critical infrastructure by receiving timely reports from covered entities.
Earlier detection and response: CISA can use the information reported under CIRCIA to identify and respond to cyber incidents more quickly.
Enhanced coordination: CISA can coordinate more effectively with other federal agencies and critical infrastructure organizations to respond to cyber incidents.
Increased deterrence: CIRCIA may deter cyberattacks by making it more difficult for cybercriminals to conceal their activities.

CIRCIA is still in the rulemaking process, but it is expected to go into effect in 2024. Once it is in effect, it will be a valuable tool for improving the cybersecurity of critical infrastructure in the United States.

Who is covered by CIRCIA?

The following entities must adhere to CIRCIA:

Entities that own or operate critical infrastructure in the following sectors:
- Energy
- Finance
- Healthcare
- Transportation
- Water and wastewater systems
- Defense industrial base
- Communications
- Food and agriculture
- Government facilities
- Information technology
- Manufacturing
- Professional and business services
Entities that provide critical services to critical infrastructure, such as:
- Cloud computing providers
- Cybersecurity companies
- Managed service providers
- Software vendors
- System integrators

The Cybersecurity and Infrastructure Security Agency (CISA) maintains a list of critical infrastructure sectors and subsectors, which is updated periodically.

CIRCIA applies to both public and private entities. It is important to note that even if an entity is not directly listed in the law, it may still be covered by CIRCIA if it provides critical services to critical infrastructure.

What is CIRCIA 72?

CIRCIA 72 hours refers to the requirement for covered entities to report certain cyber incidents to the Cybersecurity and Infrastructure Security Agency (CISA) within 72 hours of having a reasonable belief that the incident has occurred.

The specific cyber incidents that must be reported under CIRCIA are still being defined by CISA, but they are expected to include incidents that pose a significant risk to critical infrastructure.

Covered entities that fail to comply with the 72-hour reporting requirement may face civil penalties of up to $1 million per incident.

The 72-hour reporting requirement is intended to give CISA timely information about cyber incidents so that it can take steps to mitigate the risks to critical infrastructure and coordinate with other federal agencies and critical infrastructure organizations to respond to the incidents.

It is important to note that the 72-hour reporting requirement is not limited to ransomware attacks. Covered entities must also report other types of cyber incidents that pose a significant risk to critical infrastructure, such as denial-of-service attacks, data breaches, and supply chain attacks.

Covered entities should develop a plan for complying with the CIRCIA 72-hour reporting requirement in advance of the law going into effect. This plan should include procedures for identifying and reporting cyber incidents, as well as for documenting the steps that are taken to mitigate the risks to critical infrastructure.

Why is CIRCIA important?

CIRCIA is important because it will give CISA the information it needs to better protect critical infrastructure from cyberattacks. By requiring covered entities to report cyber incidents and ransomware payments, CIRCIA will help CISA to:

Improve its understanding of cyber threats and vulnerabilities: CISA will be able to collect data on the types of cyber incidents that are occurring, the methods that attackers are using, and the sectors and subsectors that are most at risk. This information will help CISA to develop more effective mitigation strategies.
Earlier detection and response: CISA will be able to identify and respond to cyber incidents more quickly by receiving timely reports from covered entities. This will help to minimize the damage caused by cyberattacks.
Enhanced coordination: CISA will be able to coordinate more effectively with other federal agencies and critical infrastructure organizations to respond to cyber incidents. This will help to ensure that all stakeholders are working together to protect critical infrastructure.
Increased deterrence: CIRCIA may deter cyberattacks by making it more difficult for cybercriminals to conceal their activities. If cybercriminals know that they are likely to be caught and punished, they may be less likely to attack critical infrastructure.

Overall, CIRCIA is an important step forward in improving the cybersecurity of critical infrastructure in the United States. By giving CISA the information it needs to better understand, detect, respond to, and deter cyberattacks, CIRCIA will help to protect critical infrastructure and the American people.

Cookie	Duration	Description
cookielawinfo-checbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Zero Trust Network Access Control

Zero Trust Conditional Access

Zero Trust Infrastructure Administration

Unified Zero Trust Security

Networks

Applications

Infrastructure

Integrations

Resources

Compliance Center

Regulations

Frameworks

Cybersecurity Center

CIRCIA

CIRCIA INTRODUCES STRICT CYBER INCIDENT REPORTING REQUIREMENTS IN THE EVENT OF A BREACH. ARE YOU PREPARED?

Adapting to change: How NAC supports CIRCIA requirements.

Restricting Network Access for Authorized Devices

Enforcing least privilege

Incident Response and Reporting

Product Brief

CIRCIA is an evolving landscape. NAC can help you keep up.

Frequently asked questions about the NCUA ACET.

Related Reading

The Security Compliance Conundrum: Adapting to the Era of IoT, Hybrid Work & AI

Unleashing the Power of Protection: Why Network Access Controls are Vital for Data Security

Strengthening Corporate Networks: Ensuring GDPR Compliance for Enhanced Cybersecurity

Try Portnox Cloud for Free Today

Zero Trust Network Access Control

Zero Trust Conditional Access

Zero Trust Infrastructure Administration

Unified Zero Trust Security

<img decoding="async" src="/wp-content/uploads/2024/03/icon-secure-node.png" alt="Networks Icon" width="25" height="25"> Networks

<img decoding="async" src="/wp-content/uploads/2024/03/icon-toggles.png" alt="Applications Icon" width="25" height="25"> Applications

<img decoding="async" src="/wp-content/uploads/2024/03/icon-servers.png" alt="Infrastructure Icon" width="25" height="25"> Infrastructure

<img decoding="async" src="/wp-content/uploads/2024/03/icon-cable.png" alt="Integrations Icon" width="25" height="25"> Integrations

Resources

Compliance Center

Regulations

Frameworks

Cybersecurity Center

CIRCIA

CIRCIA INTRODUCES STRICT CYBER INCIDENT REPORTING REQUIREMENTS IN THE EVENT OF A BREACH. ARE YOU PREPARED?

Adapting to change: How NAC supports CIRCIA requirements.

Restricting Network Access for Authorized Devices

Enforcing least privilege

Incident Response and Reporting

Product Brief

CIRCIA is an evolving landscape. NAC can help you keep up.

Frequently asked questions about the NCUA ACET.

Related Reading

The Security Compliance Conundrum: Adapting to the Era of IoT, Hybrid Work & AI

Unleashing the Power of Protection: Why Network Access Controls are Vital for Data Security

Strengthening Corporate Networks: Ensuring GDPR Compliance for Enhanced Cybersecurity

Try Portnox Cloud for Free Today

Networks

Applications

Infrastructure

Integrations