On November 3, ​NRECA filed comments in response to Cybersecurity and Infrastructure Security Agency's (CISA) Request for Information (RFI) on the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA). The act requires CISA to develop and implement regulations requiring certain covered entities to report covered cyber incidents and ransomware payments to CISA when they have a national-level impact. NRECA's position is that electric utilities within the U.S. already report cyber security incidents to the federal government based on a structure enshrined in various statutes. Therefore, CISA should provide flexibility in the proposed rule and coordinate with DOE and FERC to ensure current information sharing at the federal level is maintained. The comments include a detailed description of the current reporting structure used within the electricity subsector. Furthermore, this position is supported by the Chairman and Ranking Member of the House Committee on Energy and Commerce and the Senate Committee on Energy and Natural Resources in their April 8th letter to DOE Secretary Jennifer Granholm regarding the implementation of CIRCIA.​