Revised National Cyber Incident Response Strategy Proposed by CISA and ONCD
The Cybersecurity and Infrastructure Security Agency (CISA) has recently published a draft update to the National Cyber Incident Response Plan (NCIRP), marking a significant step forward in enhancing the nation's cybersecurity framework. The updates, initiated in the fall of 2023, are being coordinated with the Joint Cyber Defense Collaborative and the Office of the National Cyber Director.
The draft update aims to address procedural and policy changes in cybersecurity since the NCIRP was first released in 2016. It is designed to strengthen coordination among federal, state, local, tribal, and territorial stakeholders, enhancing incident detection and response capabilities, improving information sharing protocols, and incorporating new threat landscapes, including emerging technologies like artificial intelligence (AI).
CISA Director Jen Easterly emphasised the need for a seamless, agile, and effective incident response framework in today's complex threat environment. The federal agency is requesting public comments from cybersecurity professionals and incident response stakeholders on the updated plan via the Federal Register until January 15, 2025.
The draft update also includes a path for non-federal stakeholders to participate in coordinated cyber incident response. It is intended to provide private-sector organisations with a better understanding of how they can coordinate with the government during an incident response. However, specific details about the key changes in the updated NCIRP, as per the draft published by CISA, are not yet available.
The document will leverage lessons learned over the past several years to achieve a deeper unity of effort between the government and the private sector. Easterly encourages public comment and feedback to help ensure the draft's maximum effectiveness.
It is worth noting that more than 150 cybersecurity experts from 66 organisations contributed to the National Cyber Incident Response Plan update. CISA's updates often emphasise clarifying roles and responsibilities, improving communication channels, and expanding public-private partnership frameworks to ensure a more effective and unified response to cyber incidents.
This draft update is a step toward fulfilling one of the goals of last year's national cybersecurity strategy. As the CISA continues to refine the NCIRP, official releases or government cybersecurity websites will be the definitive sources for the exact key changes once they make the draft publicly available.
Easterly plans to step down from CISA on President-elect Donald Trump's Inauguration Day, but her commitment to strengthening the nation's cybersecurity remains unwavering. The updated NCIRP represents a significant step forward in this endeavour, underscoring the collective efforts of the cybersecurity community to protect the nation from cyber threats.
Cybersecurity professionals and incident response stakeholders are invited to provide feedback on the updated National Cyber Incident Response Plan (NCIRP), which aims to strengthen incident response capabilities and enhance coordination among federal, state, local, tribal, and territorial stakeholders. The new plan also outlines a path for non-federal stakeholders to participate in coordinated cyber incident response, with a focus on improving information sharing protocols and incorporating new threat landscapes, such as artificial intelligence (AI).
