Hi All,
The Cybersecurity and Infrastructure Security Agency (CISA) published the draft National Cyber Incident Response Plan (NCIRP) Update today for public comment on the Federal Register. Through the Joint Cyber Defense Collaborative (JCDC) and in close coordination with the Office of the National Cyber Director (ONCD), this update addresses significant changes in policy and cyber operations since NCIRP was released in 2016.
The NCIRP is the nation's strategic framework for coordinated response to cyber incidents along four lines of effort: Asset Response, Threat Response, Intelligence Support, and Affected Entity Response. It includes coordination mechanisms, key decision points, and priority activities across the cyber incident response lifecycle. The NCIRP also identifies structures that response stakeholders should leverage to coordinate cyber incidents requiring cross-sector, public-private, or federal coordination; however, it is not meant to be a step-by-step instruction manual.
CISA collaborated extensively with government and industry partners to provide an agile, actionable updated framework that ensures coherent coordination to match the pace of our adversaries. Key updates in this draft include:
A defined path for non-federal stakeholders to participate in coordination of cyber incident response; Improved usability by streamlining content and aligning to an operational lifecycle; Relevant legal and policy changes impacting agency roles and responsibilities; and A predictable cycle for future updates of the NCIRP.
"Today's increasingly complex threat environment demands that we have a seamless, agile, and effective incident response framework," said CISA Director Jen Easterly. "This draft NCIRP Update leverages the lessons learned over the past several years to achieve a deeper unity of effort between the government and the private sector. We encourage public comment and feedback to help us ensure its maximum effectiveness."
The draft is at National Cyber Incident Response Plan Update
https://www.cisa.gov/resources-tools/resources/national-cyber-incident-response-plan-update-public-comment-draft
and public comments can be posted on the Federal Register
https://www.federalregister.gov/documents/2024/12/16/2024-29395/request-for-comment-on-the-national-cyber-incident-response-plan-update.
------------------------------
Michael Roza CPA, CISA, CIA, CC, CCSKv5, CCZTv1, MBA, EMBA, CSA
------------------------------