Cyber Incident Reporting

Lessons from CFATS

With all the talk on Capitol Hill about cybersecurity incident reporting, perhaps Congress ought to take a look at the Chemical Facility Anti-Terrorism Standards (CFATS) program. That program has had a mandatory requirement for reporting ‘significant cyber events’ since 2009. Lessons learned from that program may provide valuable insight into how a cybe…

This post is for paid subscribers