CISA Seeks Comment on National Cyber Incident Response Plan Update
The Cybersecurity and Infrastructure Security Agency (CISA) is seeking comment on the draft National Cyber Incident Response Plan (NCIRP) Update, published in the Federal Register on December 16, 2024. Comments will be accepted on the draft update until January 15, 2025.
The NCIRP is a national strategic framework for coordinated response to cyber incidents and was first published in 2016. The update was issued in response to the changing cyber threat landscape, and addresses significant changes in policy and federal law, and the new organizational capabilities since the NCIRP was released 8 years ago. The NCIRP concerns cyber incidents of severity Level 2 or above per the Cyber Incident Severity Scheme, which means the incidents may impact public health or safety, national security, economic security, foreign relations, civil liberties, or public confidence.
The NCIRP covers four main areas of effort: Asset Response, Threat Response, Intelligence Support, and Affected Entity Response, and includes coordination mechanisms, key decision points, and priority activities. The NCIRP outlines how government agencies can assist by providing technical help to affected entities, law enforcement/national security investigations, collecting and sharing threat intelligence to mitigate the threat capabilities of adversities, and incident management to limit the impact, ensure operational continuity, and compliance with legal and regulatory requirements.
Rather than a step-by-step guide for responding to cyber incidents, the NCIRP includes flexible response plans that outline the key roles of federal cyber agencies and coordination structures for managing significant cyber incidents that require cross-sector, public-private, or federal coordination. The update includes a defined path for non-federal stakeholders to participate in the coordination of cyber incident response, streamlined content that aligns with the operational lifecycle, legal and policy changes that impact agency roles and responsibilities, and a predictable cycle for future updates to the NCIRP.
Get The FREE
HIPAA Compliance Checklist
Immediate Delivery of Checklist Link To Your Email Address
Please Enter Correct Email Address
Your Privacy Respected
HIPAA Journal Privacy Policy
“Today’s increasingly complex threat environment demands that we have a seamless, agile, and effective incident response framework,” said CISA Director Jen Easterly. “This draft NCIRP Update leverages the lessons learned over the past several years to achieve a deeper unity of effort between the government and the private sector. We encourage public comment and feedback to help us ensure its maximum effectiveness.”
