The Department of Homeland Security (DHS) recently released the National Cyber Incident Response Plan (NCIRP). DHS led the development of this document, in coordination with the Departments of Justice and Defense, the Office of the Director of National Intelligence, the Sector Specific Agencies (SSAs) and other interagency partners, representatives from across 16 critical infrastructure sectors, others in the private sector, and state and local governments.
This Plan applies to cyber incidents and more specifically those with high likelihood to result in demonstrable harm to the nation’s security interests, foreign relations, and/or economy well as the public confidence, civil liberties, or public health and safety of the American people.
The NCIRP includes the following:
- Description of a national approach to dealing with cyber incidents, emphasizing the important role played by the private sector, states, and multiple federal agencies and how the actions of all relevant stakeholders fit together for an integrated response;
- Reflection on lessons learned from exercises and real U.S. incidents and policy updates, such as Presidential Policy Directive (PPD)-41 on Cyber Incident Coordination Policy and the National Cybersecurity Protection Act of 2014;
- Explanation of the roles taken on by lead Federal agencies during a significant cyber incident.
To view the entire NCIRP, please follow this link.