CISA Issues Joint Public-Private Sector Response Mechanism Against Cyberattacks

The Cybersecurity and Infrastructure Security Agency has released a guide supplementing its infrastructure resilience planning framework for local government and private sector partnerships to boost critical U.S. infrastructure protection against cyberattacks. 

According to David Mussington, CISA’s executive assistant director for infrastructure security, the new playbook not only defines the IRPF steps but also guides communities further on resilience concepts, helping strengthen their cyber response readiness to enable them to “bounce back quickly after a disaster,” StateScoop reported Thursday.

The new manual provides users with processes and exercise simulations designed to help limit cyberattack impact and minimize service disruption and restoration costs.

It also charts the key steps for resilient response, such as forming incident-response bodies, pinpointing critical infrastructures and their users, formulating mitigation tactics and integrating solutions with established procedures. 

The new guidebook follows CISA’s release in April of its proposed cyber incident reporting directive for government agencies covering the 16 critical U.S. infrastructures, including defense, energy, agriculture and maritime industries. The agency’s website notes that the playbook is a voluntary planning tool and does not “carry statutory authority.”