The Cyber Incident Reporting for Critical Infrastructure Act of 2022: An Overview

The Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA), signed into law by President Biden in March 2022 as part of the Consolidated Appropriations Act of 2022, will require companies operating in critical infrastructure sectors to report covered cyber incidents within 72 hours of the companies’ reasonable belief that a cyber incident has occurred and report ransom payments within 24 hours after a payment is made. Please click here to read more.