With the passage of the Cyber Incident Reporting for Critical Industries Act (CIRCIA), any business deemed as critical infrastructure must now report a data breach to the federal government within 72 hours. A ransomware payment must be reported within 24 hours. Hopefully, you’ll never have anything to report. If you do, you’ll want tools like Portnox’s cloud-native NAC in place to keep you in compliance.


Adapting to change: How NAC supports CIRCIA requirements.

Restricting Network Access for Authorized Devices

Keeping your network safe starts with controlling risk – and controlling risk starts with controlling access. Portnox Cloud features robust access control to identify and block unauthorized devices from accessing the network. From pre-connect authorization via the gold-standard 802.1x security protocol to microsegmentation and risk scoring, NAC helps to prevent unauthorized access to sensitive data and systems.

Enforcing least privilege

A key aspect of comprehensive access control is the concept of least privilege. Network resources should only be accessed by those who need them to do their jobs. For instance, your HR staff shouldn’t have access to your gateway router, and your IT staff should not have access to financial resources. Portnox Cloud can be used to enforce least privilege access control which not only reduces lateral movement through network but also helps keep your critical assets safe.

Incident Response and Reporting

The bread and butter of the new CIRCIA rules is incident response and reporting. NAC can generate reports and logs that can be used for incident documentation and reporting. Portnox Cloud offers comprehensive reporting and alerting so you’re always on top of what’s happening on your network. Portnox Cloud can assist in incident response by quickly isolating compromised devices from the network, thus limiting the spread of threats and containing potential damage.

circia regulation portnox
Product Brief

CIRCIA is an evolving landscape. NAC can help you keep up.

Although most of the requirements spelled out in CIRCIA around reporting took effect in 2022, there are still further changes coming down the pipe. CIRCIA requires CISA (the Cybersecurity & Infrastructure Security Agency) to publish proposed rulemaking and solicit public feedback at regular intervals, which means security professionals everywhere will get the opportunity to weigh in on future policies. Whatever is coming down the path, Portnox Cloud can help you stay compliant and safe.

Frequently asked questions about the NCUA ACET.

Try Portnox Cloud for Free Today

Gain access to all of Portnox's powerful zero trust access control free capabilities for 30 days!