"First, it defines the roles and responsibilities of federal, state, local, territorial and tribal entities, the private sector and international stakeholders during a cyber incident. Second, it identifies the capabilities required to respond to a significant cyber incident. And third, it describes the way the federal government will coordinate its activities with those affected by a cyber incident."
The plan outlines which entities take response leadership roles and how they coordinate efforts by forming a Cyber Unified Coordination Group, as well as how private entities can share threat indicators to warn of a cyber attack.
DHS had solicited public feedback in October for how to update the NCIRP.
Johnson stressed that the plan was not a "
tactical or operational" guide to cyberattacks, but instead a strategic framework on which stakeholders can shepherd coordination efforts.
"This common doctrine will foster unity of effort for emergency operations planning and will help those affected by cyber incidents understand how Federal departments and agencies and other national-level partners provide resources to support mitigation and recovery efforts," he said.