Cyber Incident Reporting Framework
Cyber Threat Alliance, Institute for Security and Technology
SUMMARY
A group led by Cyber Threat Alliance and the Institute for Security and Technology that includes CREST, CipherTrace, Coveware, Cybera, Cybercrime Support Network, Cyber Peace Institute, Open Cybersecurity Alliance, and SolarWinds has come together to provide input regarding cyber incident reporting.
This group has identified a set of principles that the incident reporting regulation should incorporate, and we have developed a set of model reporting formats the Cybersecurity and Infrastructure Security Agency (CISA) could use as the foundation for the reporting forms. The report contains 3 sections:
- Purpose, Expectations, and Definitions
- Principles
- Incident Reporting Fields
Framework appendices include an explanation of why the U.S. government should collect the proposed information in the Cyber Incident Reporting Form and a sample, generic CIRF report.
download pdf