A draft of the updated National Cyber Incident Response Plan was unveiled this week, promising a more robust approach to handling cyber incidents and enhancing coordination between the government and private sector stakeholders. The plan, which is open for public feedback until January 15, 2025, aims to provide flexible response strategies that cater to the unique needs of different sectors while clearly defining the roles of various federal agencies.
Jeff Greene, the executive assistant director of cybersecurity at the Cybersecurity and Infrastructure Security Agency (CISA), highlighted the collaborative effort that went into developing the updated plan. Over 150 experts from 66 organizations, including key public-private partners, were involved in shaping the new framework, which is a response to the evolving cyber threat landscape.
According to Greene, the ever-changing nature of cyber threats necessitates a proactive and coordinated approach to safeguarding the economy, national security, and public safety. The updated plan takes into account the lessons learned from recent high-profile cyber incidents, such as the SolarWinds hack and the Colonial Pipeline ransomware attack, and outlines structured coordination mechanisms for managing such crises effectively.
One of the key features of the updated plan is the establishment of a White House cyber response group, which will be responsible for driving policy and strategy formulation across public, private, and federal sectors during cyber incidents. Additionally, CISA will lead the Cyber Unified Coordination group to ensure alignment between federal response efforts, sector-specific risk management agencies, and critical infrastructure sectors.
Since its inception in 2018, CISA has been at the forefront of federal responses to major cyber incidents, providing guidance to both public and private sectors on cybersecurity best practices. However, experts have raised concerns about the lack of additional funding and resources, which could potentially hinder the effective implementation of the new strategy.
CISA Director Jen Easterly emphasized the importance of deeper collaboration between the government and the private sector, leveraging the insights gained from past experiences to enhance unity of effort in responding to cyber threats. The draft plan includes specific timeframes for incident response, requiring timely reporting and stakeholder collaboration to improve coordination and planning.
In the event of a cyber incident, the plan outlines the roles of various law enforcement entities, including the Department of Justice, FBI, National Cyber Investigative Joint Task Force, and Secret Service. These agencies will work together to develop and implement threat responses, with CISA taking the lead in coordinating efforts to protect affected entities and their assets.
Overall, the draft National Cyber Incident Response Plan update represents a significant step towards strengthening the nation’s cybersecurity posture and fostering closer collaboration between the government and private sector stakeholders. With the public feedback period open until mid-January, stakeholders have the opportunity to contribute their insights and help shape the future of cyber incident response in the United States.