The Cybersecurity and Infrastructure Security Agency (CISA) is updating the National Cyber Incident Response Plan (NCIRP) 2024, the primary strategic framework for coordinating with the federal sector in response to significant cyber incidents.
In the spirit of whole of community response and collaborative cyber defense, CISA is inviting stakeholders from across public and private sectors, academia, and individual researchers, and experts in cybersecurity and response, to attend a series of three virtual NCIRP 2024 listening sessions.
The intent of these sessions is to hear feedback about the existing NCIRP and any experience with incident response coordination with the federal government more broadly. A draft of the NCIRP 2024 is being prepared and will be posted to CISA’s NCIRP webpage for public comment this summer. Perspectives gathered during the listening sessions will inform the update which will be published at the end of calendar year 2024.
CISA is releasing a newsletter series, New and Noteworthy, to support the NCIRP 2024 update. Each newsletter will keep the public informed on planning processes, plan development, and stakeholder engagement efforts in support of the NCIRP 2024.
The first listening session was held on May 8, 2024. During this session, CISA addressed the following topics:
- Overview of the NCIRP and the process for updating the 2024 Plan.
- The role of Information Sharing and Analysis Centers (ISACs).
- The integration of state, local, tribal, and territorial (SLTT) entities into cyber incident response.
- The role of state fusion centers in the information sharing process
- Cyber incident reporting, specifically, how to define who an “asset owner” is and who should be contacted during a significant cyber incident.
CISA has just announced its second listening session, which will be held on Thursday, June 27, 2024, from 1-2 p.m. EDT. See CISA’s second issue of New and Noteworthy to learn more and register.
For more information on the NCIRP, visit CISA’s NCIRP page.