The Department of Homeland Security is currently soliciting public feedback on its National Cyber Incident Response Plan (NCIRP) refresh, a strategic framework described as "a nationwide approach to cyber incidents, to talk about the important role that private sector entities, states, and multiple federal agencies play in responding to cyber incidents and how those activities all fit together."
This revision — part of the broader National Preparedness System architecture — focuses on discrete, critical content, formalizing incident response practices and clarifying organizational roles, responsibilities and actions to prepare for, respond to and coordinate recovery from a significant cyber incident.
The national engagement period — an opportunity for interested parties to comment on the draft
— will close at 5 p.m. EST on Oct. 31, 2016.
The draft has been developed by DHS' National Protection and Programs Directorate and the Federal Emergency Management Agency's National Integration Center in coordination with the Department of Justice, the secretary of defense, sector-specific agencies and other interagency partners, as well as representatives from 16 critical infrastructure sectors and state and local governments.
The NCIRP, which also serves as the cyber annex to the Federal Interagency Operational Plans, reflects insight gathered from development of the interim NCIRP, exercises, real-world incidents and policy updates, such as the Presidential Policy Directive/PPD-41: U.S. Cyber Incident Coordination, as well as the National Cybersecurity Protection Act of 2014.
The NCIRP draft and feedback matrix can be viewed at https://www.us-cert.gov/ncirp.