The Cybersecurity and Infrastructure Security Agency published a draft update to the National Cyber Incident Response Plan on Monday, a step toward fulfilling one of the goals of last year’s national cybersecurity strategy.
The draft updates, an effort that started in the fall of 2023 in coordination with the Joint Cyber Defense Collaborative and the Office of the National Cyber Director, aims to address procedural and policy changes in cybersecurity since the NCIRP was released in 2016.
The federal agency is requesting public comments from cybersecurity professionals and incident response stakeholders on the updated plan via the Federal Register until Jan. 15, 2025.
The NCIRP isn’t intended to be a prescriptive manual for incident response, but rather a framework for coordinated response efforts across assets, threats, intelligence and impacted organizations. The document will also give private-sector organizations a better understanding of how they can coordinate with the government during an incident response.
A group of more than 150 cybersecurity experts from 66 organizations contributed to the National Cyber Incident Response Plan update. The draft update includes a path for non-federal stakeholders to participate in coordinated cyber incident response, and legal and policy changes impacting agency roles and responsibilities.
“Today’s increasingly complex threat environment demands that we have a seamless, agile, and effective incident response framework,” CISA Director Jen Easterly said in a statement. “This draft NCIRP Update leverages the lessons learned over the past several years to achieve a deeper unity of effort between the government and the private sector. We encourage public comment and feedback to help us ensure its maximum effectiveness.”
Easterly last month confirmed she plans to step down from CISA on President-elect Donald Trump’s Inauguration Day.