Simplified cyber incident reporting pushed by DHS

Several recommendations have been given by the Department of Homeland Security to simplify federal cyber incident reporting rules in an effort to ensure no additional burdens to cyberattack-hit organizations, reports The Record, a news site by cybersecurity firm Recorded Future. Aside from clarifying reportable cybersecurity incident definitions and timelines, as well as considering whether the deferral of breach notifications to victims is needed, the federal government should also deliberate on a unified incident reporting portal to bolster incident report receipt and sharing efficiency, said the DHS in a report sent to Congress. The report also recommended the implementation of a cyber incident reporting form and common incident reporting terms, as well as updates and supplemental reports on incident reporting requirements. "In the critical period immediately following a cyberattack, our private sector partners need clear, consistent information-sharing guidelines to help us quickly mitigate the adverse impacts," said DHS Secretary Alejandro Mayorkas.