The Cybersecurity and Infrastructure Security Agency seeks public input on regulations that will set new mandatory cybersecurity reporting requirements for critical infrastructure companies. Open questions include the following:
- Who will be subject to the new requirements?
- What level of incident will trigger mandatory reporting?
- How much follow-up reporting will be required?
- What costs could potential