The Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA), signed in March 2022, is a law that requires the Cybersecurity and Infrastructure Security Agency (CISA) to develop rules for reporting cyber incidents.
A rule proposed in April 2024 and set to take effect in 2026 may require school districts that meet certain size and sector-based criteria to report cyber incidents within 72 hours and ransomware payments within 24 hours.
Increased reporting will allow for a better and more accurate examination of potential trends that may ultimately lead to a better defense systems. As cybersecurity becomes a greater concern for school districts, insight into the vulnerabilities of school district information systems will be critical to safety and improvement.
/Passle/66030b5f24299750fade21de/SearchServiceImages/2025-01-31-00-13-55-185-679c15c378585b88a9c2e3d2.jpg)
/Passle/66030b5f24299750fade21de/SearchServiceImages/2025-01-29-00-20-18-282-679974420b0b45376877792b.jpg)
/Passle/66030b5f24299750fade21de/SearchServiceImages/2025-01-28-20-04-14-395-6799383e6a5d021bf4d07360.jpg)
/Passle/66030b5f24299750fade21de/SearchServiceImages/2025-01-27-23-35-03-196-67981827336eac9e8b60efa9.jpg)
/Passle/66030b5f24299750fade21de/SearchServiceImages/2025-01-23-01-32-50-953-67919c42822da58cfef5fcfa.jpg)