The Cybersecurity and Infrastructure Security Agency (CISA) is implementing the Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA) of 2022, which requires CISA to develop and implement regulations mandating that covered entities report covered cyber incidents and ransomware payments. According to a Federal Register Notice published on February 13, 2026, CISA is holding a series of virtual town hall meetings to provide external stakeholders a limited additional opportunity to offer input on refining the scope and burden of the CIRCIA Notice of Proposed Rulemaking, which was originally published on April 4, 2024. Among these sessions, CISA will host a town hall for the Emergency Services Sector, Government Facilities Sector, and Healthcare and Public Health Sector on March 17, 2026, at 11:00 a.m. Eastern Time. Additional sector specific meetings are scheduled between March 9 and March 19, 2026, with two general sessions planned for March 31 and April 2, 2026, and registration is required by 5:00 p.m. Eastern Time two business days before each meeting. All meetings are tentatively scheduled for two hours during core business hours, may be extended, rescheduled, or canceled, and will be recorded and transcribed, with transcripts published in the CIRCIA rulemaking docket. Stakeholders wishing CISA to consider data or written materials must submit them in writing within seven calendar days after the meeting, and submitted materials will be made publicly available in the rulemaking docket. For additional information, please visit CISA’s Cyber Incident Reporting for Critical Infrastructure Act of 2022 town hall meetings webpage.