In the event of a cyber-attack on your company’s IT infrastructure, it’s crucial to report the incident in detail to law enforcement using the Voluntary Cyber Incident Reporting Portal, even if reporting is not mandated for your organization.
This portal set up by America’s Cyber Defense Agency not only facilitates reporting but also serves as a valuable resource for businesses. It provides guidance on whom to report to, the importance of reporting, and how to communicate the incident to the public. Additionally, the Cybersecurity and Infrastructure Security Agency (CISA) offers support through this platform, helping firms understand proactive security measures that can reduce cyber risks. The portal also tracks information on exploited vulnerabilities and provides updates on available fixes.
By centralizing the reporting of cyber incidents, the U.S. government demonstrates its commitment to helping organizations understand how reporting and responding to incidents can significantly deter criminal activity.
“The portal offers unique resources and tools to aid response and recovery,” stated Jeff Greene, Executive Assistant Director for Cybersecurity at CISA. He emphasized that this platform will support law enforcement in investigating, tracking, and prosecuting cybercriminals, which in turn helps to prevent future attacks.
The CISA Services Portal is a key component of the Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA), which was proposed in March 2024 and is set to launch in October 2025.
The Department of Homeland Security (DHS) anticipates that its CISA component will receive at least 25,000 reports in its first year and will serve all 300,000 organizations across 16 sectors.
Jen Easterly, Director of CISA in 2022, praised the website, noting that it is designed not to name, shame, or blame but to provide support and ensure the privacy of victims.