NASS Public Comment in Response to the Cybersecurity and Infrastructure Security Agency’s Cyber Incident Reporting

Table of Contents

• NASS Public Comment in Response to the 1
• Cybersecurity and Infrastructure Security Agencys Cyber Incident Reporting 1
• Rulemaking NPRM 1
• Since elections were designated a subsector of U.S. critical infrastructure in 2017 NASS and 1
• Specifically we ask CISA to consider making it voluntary for SLTT government 1
• Through the Multi-State Information Sharing and Analysis Center MS-ISAC and the 1
• NASS Public Comment Regarding CIRCIA NPRM 2
• Additional Questions Contact NASS nassnass.org 202-624-3525 2
• Page 2 of 3 2
• We suggest SLTT government entities should be able to report cyber incidents to the 2
• MSEI-ISAC and opt-in to having the report shared with CISA. This means of reporting is familiar and effective for SLTT government entities. 2
• As currently proposed the required elements of a cyber incident report are overly broad and 2
• Given these considerations CISA should simplify the initial report to require only 2
• As an example a description of the covered entitys security defenses in 2
• Additionally overlapping authorities among SLTT government entities will often 2
• For example a cyber incident may impact multiple state agencies with 2
• Further we are concerned about the potential of an inadvertent release of data 2
• NASS requests CISA provide a more precise definition of substantial cyber incident and 2
• The Cyber Incident Reporting for Critical Infrastructure Act of 2022 and proposed 2
• We request clarification on the sector-based criteria for election entities in 226.10 2
• Involved 2
• NASS Public Comment Regarding CIRCIA NPRM 3
• Additional Questions Contact NASS nassnass.org 202-624-3525 3
• Page 3 of 3 3
• Does this only apply to third-party vendors in the non-profit or private sectors If 3
• Could it be interpreted to apply to SLTT government entities that provide 3