The Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA) is a US federal law requiring critical infrastructure entities to report significant cyber incidents to CISA within 72 hours and ransomware payments within 24 hours.

Who must comply with CIRCIA?

CIRCIA applies to entities in the 16 critical infrastructure sectors defined by CISA, including energy, financial services, healthcare, transportation, water systems, communications, defense, and information technology.

What are the CIRCIA reporting deadlines?

Covered entities must report substantial cyber incidents within 72 hours of reasonably believing an incident occurred, and ransomware payments within 24 hours of payment. Reports are submitted to CISA and are protected from legal liability.

Will I receive a certificate upon completion?

Yes! Upon successfully completing the course and passing all assessments, you'll receive a verified certificate of completion that you can share on LinkedIn or include in your resume.

How long do I have access to the course?

Once purchased, you receive 12 months of access to all course materials. This includes all video lessons, downloadable resources, and any updates published during that period.

Explore Courses

Compliance›English

CIRCIA Compliance Essentials

Master CIRCIA compliance - 72-hour incident reporting, 24-hour ransom reporting, data preservation, and incident response planning. For critical infrastructure.

4.5(76 reviews)

191+students

1h 24min

10 Lessons

6 modules

Intermediate

Last updated: Feb 2026

Course Overview

This course covers compliance with the Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA). You'll learn about the mandatory 72-hour reporting requirement for significant cyber incidents and the 24-hour reporting requirement for ransom payments. The course covers which entities must comply, what constitutes a reportable incident, data preservation requirements, and how to prepare your incident response capabilities for CIRCIA compliance. Includes an incident reporting playbook and internal escalation matrix you can customize for your organization.

Who this course is for

CISOs at critical infrastructure organizations
Incident response team leads
Compliance officers at covered entities
Security operations managers
Legal counsel advising critical infrastructure clients

What you will learn

Which organizations must comply with CIRCIA
What incidents require 72-hour reporting
When 24-hour ransom payment reporting applies
Data preservation and retention requirements
How to prepare your incident response for CIRCIA

What you will gain

Determine if CIRCIA applies to your organization
Identify reportable incidents correctly
Meet 72-hour and 24-hour reporting requirements
Implement required data preservation
Prepare incident response for CIRCIA compliance

What You'll Learn

Determine CIRCIA applicability to your organization

Identify reportable incidents under CIRCIA

Meet 72-hour and 24-hour reporting requirements

Prepare incident response for CIRCIA requirements

This course includes

Video lessons on CIRCIA requirements

Cyber incident reporting playbook

Internal escalation matrix template

Compliance checklist

Certificate of completion

Curriculum

6 modules • 10 lessons • 1h 24min

Frequently Asked Questions

Related Courses

GDPR Masterclass: Building a Culture of Compliance

Master GDPR compliance from data principles to breach response. A comprehensive course with templates, case studies, and certification.

45 lessons

Become a DPO: Your Path to Data Protection Leadership

Become a certified Data Protection Officer. Master GDPR compliance, incident management, and organizational leadership in data protection.

25 lessons

PDPL compliance essentials

Navigate Saudi Arabia's Personal Data Protection Law - consent requirements, cross-border transfers, breach response, and data subject rights.

13 lessons

$319 USD

/year • 12-month access

191 students enrolled

Full course access for 12 months

All updates included

Completion certificate

30-day money-back guarantee

Compliance›English

CIRCIA Compliance Essentials

Master CIRCIA compliance - 72-hour incident reporting, 24-hour ransom reporting, data preservation, and incident response planning. For critical infrastructure.

4.5(76 reviews)

191+students

1h 24min

10 Lessons

6 modules

Intermediate

Last updated: Feb 2026

Course Overview

Who this course is for

CISOs at critical infrastructure organizations
Incident response team leads
Compliance officers at covered entities
Security operations managers
Legal counsel advising critical infrastructure clients

What you will learn

Which organizations must comply with CIRCIA
What incidents require 72-hour reporting
When 24-hour ransom payment reporting applies
Data preservation and retention requirements
How to prepare your incident response for CIRCIA

What you will gain

Determine if CIRCIA applies to your organization
Identify reportable incidents correctly
Meet 72-hour and 24-hour reporting requirements
Implement required data preservation
Prepare incident response for CIRCIA compliance

What You'll Learn

Determine CIRCIA applicability to your organization

Identify reportable incidents under CIRCIA

Meet 72-hour and 24-hour reporting requirements

Prepare incident response for CIRCIA requirements

This course includes

Video lessons on CIRCIA requirements

Cyber incident reporting playbook

Internal escalation matrix template

Compliance checklist

Certificate of completion

Curriculum

6 modules • 10 lessons • 1h 24min

Frequently Asked Questions

Related Courses

GDPR Masterclass: Building a Culture of Compliance

Master GDPR compliance from data principles to breach response. A comprehensive course with templates, case studies, and certification.

45 lessons

Become a DPO: Your Path to Data Protection Leadership

Become a certified Data Protection Officer. Master GDPR compliance, incident management, and organizational leadership in data protection.

25 lessons

PDPL compliance essentials

Navigate Saudi Arabia's Personal Data Protection Law - consent requirements, cross-border transfers, breach response, and data subject rights.

13 lessons

$319 USD

/year • 12-month access

191 students enrolled

Full course access for 12 months

All updates included

Completion certificate

30-day money-back guarantee

CIRCIA Compliance Essentials | CompliQuest

CIRCIA Compliance Essentials

Who this course is for

What you will learn

What you will gain

1introduction and scope 1 lesson

2who must comply 1 lesson

3reporting requirements 3 lessons

4compliance and consequences 2 lessons

5preparation and best practices 2 lessons

What is CIRCIA?

Who must comply with CIRCIA?

What are the CIRCIA reporting deadlines?

Will I receive a certificate upon completion?

How long do I have access to the course?

GDPR Masterclass: Building a Culture of Compliance

Become a DPO: Your Path to Data Protection Leadership

PDPL compliance essentials

CIRCIA Compliance Essentials

Who this course is for

What you will learn

What you will gain

1introduction and scope 1 lesson

2who must comply 1 lesson

3reporting requirements 3 lessons

4compliance and consequences 2 lessons

5preparation and best practices 2 lessons

What is CIRCIA?

Who must comply with CIRCIA?

What are the CIRCIA reporting deadlines?

Will I receive a certificate upon completion?

How long do I have access to the course?

GDPR Masterclass: Building a Culture of Compliance

Become a DPO: Your Path to Data Protection Leadership

PDPL compliance essentials