JUL 02, 2024 | US
BSA Calls for CISA to Issue a Risk-Based Approach in Upcoming Mandatory Reporting Requirements
Inside Cybersecurity
By Sara Friedman
BSA | The Software Alliance is proposing utilizing a risk-based approach to define what should be considered a "substantial cyber incident" that would qualify for mandatory reporting under the Cybersecurity and Infrastructure Security Agency's upcoming regulatory requirements. "BSA recommends CISA consider two overarching variables to describe substantial cyber incident: the cyber incident's impact on a covered entity's (i) security, that is, the confidentiality, integrity, and availability of its information and information systems and (ii) resilience, that is, its ability to operate under adverse conditions, even if in a degraded state, while maintaining essential operational capabilities or to recover to an effective operational posture in a time frame consistent with its mission needs," the software-focused trade association says in June 28 comments to CISA.
À PROPOS DE BSA
Le Business Software Alliance (www.bsa.org) est le principal organisme de défense et de promotion de l’industrie du logiciel auprès des administrations gouvernementales et sur le marché international. Ses membres comptent parmi les entreprises les plus innovantes au monde, à l’origine de solutions logicielles qui stimulent l’économie et améliorent la vie moderne.