Skip to main content

A covered cyber incident is a term used in some cybersecurity laws and regulations to refer to a specific type of cyber incident that requires reporting. The exact definition of a covered cyber incident may vary depending on the law or regulation in question, but generally, it refers to a cybersecurity incident that poses a threat or potential threat to critical infrastructure or sensitive data.

For example, under the Cybersecurity Information Sharing Act (CISA), a covered cyber incident is defined as an event that is likely to result in the compromise or unauthorized access to classified information or information that is considered sensitive by the federal government. Covered cyber incidents under CISA also include incidents that involve malicious activity or unauthorized access to a computer system that is owned or controlled by the federal government or a critical infrastructure entity.

Similarly, under the Cybersecurity and Infrastructure Security Agency Act (CISA Act), a covered cyber incident is defined as an incident that poses a risk to the security or resiliency of critical infrastructure or could result in the unauthorized access to, disclosure, or destruction of sensitive information.

In general, covered cyber incidents may include cyberattacks such as malware infections, ransomware attacks, data breaches, and other types of cyber threats that have the potential to cause harm or disrupt critical infrastructure. Reporting a covered cyber incident is important for identifying and responding to cyber threats and can help to prevent future incidents from occurring.  Reach out to the experienced attorneys at A Business Law Firm, LLC. by calling our Spartanburg office at (864) 699-9801 who can help you determine the appropriate course of action tailored to your specific needs.