On July 22, 2022, Secretary of Homeland Security Alejandro N. Mayorkas convened the Cyber Incident Reporting Council (CIRC) – a new Council composed of federal agencies with a Congressional mandate to coordinate, deconflict, and harmonize existing and future federal cyber incident reporting requirements – for its inaugural meeting.
The CIRC will meaningfully improve cybersecurity, reduce burden on industry by advancing common standards for incident reporting, and inform a report from the Secretary, due to Congress within 180 days of the first Council meeting, that will present recommendations for how the federal government can achieve harmonization. During the meeting, Secretary Mayorkas highlighted the importance of assessing reporting requirements and seeking opportunities for related harmonization.
The CIRC was authorized by Congress in the Cyber Incident Reporting for Critical Infrastructure Act, which establishes a reporting requirement for significant cyber incidents impacting critical infrastructure to DHS’s Cybersecurity and Infrastructure Security Agency. The CIRC is chaired by DHS Under Secretary for Policy Robert Silvers and includes representation from several federal agencies, including the Office of the National Cyber Director, Federal Bureau of Investigation, Securities and Exchange Commission, Federal Trade Commission, Federal Communications Commission, and Departments of the Treasury, Defense, Justice, Agriculture, Commerce, Health and Human Services, Transportation, Energy, and Homeland Security.