Rapid7 is supportive of CIRCIA and cyber incident reporting, but we encourage regulators to ensure reporting rules do not impose unnecessary burdens.