Reposted from CISA

The Cybersecurity Infrastructure Security Agency (CISA) is pleased to formally announce next steps of an important effort to update the National Cyber Incident Response Plan (NCIRP). As directed by the White House, in the 2023 National Cybersecurity Strategy, CISA will lead the process to update the NCIRP.  

 

As set forth in the National Cybersecurity Strategy Implementation Plan, CISA, in coordination with the Office of the National Cyber Director (ONCD), will gather input from public and private sector partners– including the federal interagency, Sector Risk Management Agencies, and regulators to incorporate appropriate changes to the NCIRP to make it more modern, agile, and flexible. The updated NCIRP will strengthen existing processes, procedures, and systems to more fully reflect that a “call to one is a call to all.” 

 

First published in 2016, the NCIRP is the Nation’s framework for coordinated response to significant cyber incidents. Since that time, much has changed to both the threat landscape and the cyber defense ecosystem. Through the Joint Cyber Defense Collaborative (JCDC), CISA will work to ensure that the updated NCIRP addresses significant changes in policy and cyber operations since the initial NCIRP was released. 

In leading the development of NCIRP 2024, CISA will ensure the work is grounded in the following principles:  

 

1. Collaboration. National cyber incident response requires deep commitment to partnerships across all levels of government, industry and with our international partners. The NCIRP 2024 will reflect this commitment to the vast community of diverse stakeholders and promote collaboration. 
2. Shared Responsibility. Cybersecurity is a collaborative effort with entities across the cybersecurity ecosystem uniquely contributing to a national cyber incident response. The NCIRP 2024 will challenge traditional methods of working with our partners, and move toward more forward-leaning, action-oriented collaboration to deploy the full potential of each party’s authorities, capabilities, and expertise.  
3. Learning from the Past. The past eight years have seen cyber incidents of unprecedented scale, impact, and sophistication. The NCIRP 2024 will incorporate lessons learned from past cybersecurity incidents to and further enhance incident response coordination efforts.  
4. Keeping Pace with Innovation. The cybersecurity landscape is a complex ever-evolving environment. The NCIRP 2024 will integrate processes capable of maneuvering its dynamic nature. This approach reflects a shift to greater proactivity for achieving clearly defined and intended outcomes. This change demonstrates our commitment to the sophisticated cybersecurity landscape by remaining vigilant and acting quickly whenever needed.   

The NCIRP 2024 planning initiative is part of the JCDC Planning Agenda, bringing together government and the private sector to execute cyber defense plans that achieve specific risk reduction goals and enable more focused collaboration.  

We are committed to remaining transparent about the work being performed throughout this process over the next year and a half and invite the public to follow its progress by visiting The National Cyber Incident Response Plan (NCIRP) or reviewing the fact sheet.

We look forward to the work ahead and are grateful for the willingness of our colleagues across all levels of government, the private sector and civil society to participate in this important process.

See Original Post