[CDP-development] CISA Releases Incident and Vulnerability Response Playbooks to Strengthen Cybersecurity for Federal Civilian Agencies

Tue Nov 16 08:12:06 PST 2021

FYSA

CISA Releases Incident and Vulnerability Response Playbooks to Strengthen Cybersecurity for Federal Civilian Agencies

Effort Part of President Biden’s Executive Order to Improve the Nation’s Cybersecurity

CISA Strongly Encourages Private/Public Sector Partners to Review Playbooks to Improve Their Own Vulnerability and Incident Response Practices

November 16, 2021

WASHINGTON – Today, the Cybersecurity and Infrastructure Security Agency (CISA) released the Federal Government Cybersecurity Incident and Vulnerability Response Playbooks<https://us-cert.cisa.gov/ncas/current-activity/2021/11/16/new-federal-government-cybersecurity-incident-and-vulnerability>. Produced in accordance with Executive Order 14028, “Improving the Nation’s Cybersecurity,” the playbooks provide federal civilian agencies with a standard set of procedures to respond to vulnerabilities and incidents impacting Federal Civilian Executive Branch networks.  

“The playbooks we are releasing today are intended to improve and standardize the approaches used by federal agencies to identify, remediate, and recover from vulnerabilities and incidents affecting their systems,” said Matt Hartman, Deputy Executive Assistant Director for Cybersecurity. “This important step, set in motion by President Biden’s Cyber Executive Order, will enable more comprehensive analysis and mitigation of vulnerabilities and incidents across the civilian enterprise. We encourage our public and private sector partners to review the playbooks to take stock of their own vulnerability and incident response practices.”

The Incident Response Playbook applies to incidents that involve confirmed malicious cyber activity and for which a major incident has been declared or not yet been reasonably ruled out.  The Vulnerability Response Playbook applies to any vulnerability that is observed to be used by adversaries to gain unauthorized entry into computing resources. This playbook builds on CISA’s Binding Operational Directive 22-01<https://cyber.dhs.gov/bod/22-01/> and standardizes the high-level process that should be followed when responding to these vulnerabilities that pose significant risk across the federal government, private and public sectors.

Building on lessons learned from previous incidents and incorporating industry best practices, CISA intends for these two playbooks<https://cisa.gov/sites/default/files/publications/Federal_Government_Cybersecurity_Incident_and_Vulnerability_Response_Playbooks_508C.pdf> to strengthen cybersecurity response practices and operational procedures not only for the federal government, but also for public and private sector entities. The playbooks contain checklists for incident response, incident response preparation, and vulnerability response that can be adapted to any organization to track necessary activities to completion.   

For more details about the playbooks and CISAs role supporting President Biden’s Cyber Executive Order, visit Executive Order on Improving the Nation’s Cybersecurity<https://www.cisa.gov/executive-order-improving-nations-cybersecurity>.  

Theresa A. Masse
Cyber Security Advisor, Region 10 (Oregon)
Cybersecurity and Infrastructure Security Agency
Department of Homeland Security
Phone: (503) 930-5671
Email: theresa.masse at cisa.dhs.gov<mailto:theresa.masse at cisa.dhs.gov>

[cid:image002.png at 01D7DAB9.91EA8630]

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://omls.oregon.gov/pipermail/cdp-development/attachments/20211116/4ee541b8/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image002.png
Type: image/png
Size: 16152 bytes
Desc: image002.png
URL: <https://omls.oregon.gov/pipermail/cdp-development/attachments/20211116/4ee541b8/attachment-0001.png>