Last fall, multiple industry organizations led by the Cyber Threat Alliance (CTA) and the Institute for Security and Technology (IST) came together to provide input regarding cyber incident reporting for US entities This group identified a set of principles and developed a model reporting format that the Cybersecurity and Infrastructure Security Agency (CISA) could use as the foundation for its incident reporting regulations. The updated, global edition of the framework presented here builds off that first document that CTA and IST released in November 2022, and adds significant contextual discussion. It develops a model reporting format that cybersecurity authorities and other government authorities worldwide could use as the foundation for their national reporting frameworks and regulatory language. CTA and IST wish to thank the contributing organizations, including the drafters and co-sponsors of the
documents.