Dive Brief:
- The Cybersecurity and Infrastructure Security Agency introduced an online portal Thursday for organizations to voluntarily report malicious cyberattacks, vulnerabilities and data breaches.
- The CISA services portal is a secure platform that provides enhanced functionality and collaboration features, including the ability to save and update incident reports, share submitted reports with colleagues or clients and search for reports. Users can also have informal discussions with CISA through the portal.
- “An organization experiencing a cyberattack or incident should report it — for its own benefit, and to help the broader community,” Jeff Greene, executive assistant director for cybersecurity at CISA, said in a statement. “CISA and our government partners have unique resources and tools to aid with response and recovery, but we can’t help if we don’t know about an incident.”
Dive Insight:
The portal is part of an ongoing effort by CISA to streamline the process of sharing threat intelligence and make it faster and less burdensome.
Since the Sunburst attacks against SolarWinds in 2020 and the Colonial Pipeline ransomware attack in 2021, federal authorities have pushed to encourage private sector collaboration. When companies are reluctant to share threat information, it becomes more difficult to prepare other organizations that will remain vulnerable.
Voluntary reporting of cyber incidents not only helps the government get a better understanding of threats, but it can directly benefit targets of malicious activity, according to Kirsten Mickelson, cyber claims practice leader at Gallagher Bassett.
“This is a quick and efficient way to get real time data on the current threat landscape and be in the best position to be on the offensive,” Mickelson said via email.
Ideally, the portal will help streamline voluntary reporting, so organizations will be able to report the incident only one time instead of sending reports to multiple government agencies, Mickelson said.
CISA said the incident reports should capture key details of a breach or attack, including:
- When an incident is discovered.
- The tactics, techniques and procedures of the attacker.
- A description of how the attack or breach was discovered.
- What vulnerabilities were exploited to enable the attack.
- Technical indicators and artifacts of compromise, such as malware hashes, IP addresses, URLs and phishing emails. Malware samples or suspicious files can be uploaded.
The portal may help streamline incident reporting, but it is not enough to address much wider concerns about the growing redundancy of cyber disclosure requirements, according to Katell Thielemann, distinguished VP analyst at Gartner.
“The portal and its enhancements are a minor part of a much more complex topic — which includes establishing the right incentives for voluntary cyber incident reporting and harmonization of the mandates currently multiplying,” Thielemann said.