Index/Topics/NIST Cybersecurity Framework

NIST Cybersecurity Framework

The REPORT Act requires preservation to be consistent with the most recent version of the NIST Cybersecurity Framework.

Fact-Checks

3 results

Jan 28, 2026

What does the REPORT Act require platforms to preserve after a CyberTipline submission and for how long?

The requires providers that submit a CyberTipline report to preserve "the contents provided in the report" — including comingled content and associated subscriber or account information — for one year...

Feb 7, 2026

What does the REPORT Act require of platforms regarding CyberTipline retention and transfer timelines?

The requires providers who submit to preserve the contents of those reports for at least one year after submission, upending the prior 90‑day preservation rule and allowing voluntary longer retention ...

Jan 21, 2026

What does the REPORT Act change about preservation and how has it affected investigations since 2024?

The lengthened the mandatory preservation period for materials tied to from 90 days to one year and added related cybersecurity and vendor-guidance requirements, while expanding the scope of what prov...

Your fact-checks

NIST Cybersecurity Framework

Fact-Checks

What does the REPORT Act require platforms to preserve after a CyberTipline submission and for how long?

What does the REPORT Act require of platforms regarding CyberTipline retention and transfer timelines?

What does the REPORT Act change about preservation and how has it affected investigations since 2024?