This article focuses on the requirements of CISA's proposed cyber incident reporting rule, the compliance requirements for covered entities and the steps entities can take to protect themselves.