CISA Announces Solicitation Round for National Cyber Incident Response Plan Updates

The Cybersecurity and Infrastructure Security Agency has announced a feedback solicitation procedure as part of the agency’s efforts to update the National Cyber Incident Response Plan.

According to CISA, the feedback solicitation period would inform the NCIRP 2024 planning effort, directed by the Biden administration’s 2023 National Security Strategy. The NCIRP 2024 is grounded on the principles of national cyber incident response unification, shared cybersecurity responsibility, collective lessons from past cyber incidents and adaptation to evolving environments.

Public and private sector organizations are asked to submit feedback on NCIRP updates. The solicitation procedure will be done in partnership with the Office of the National Cyber Director, CISA said.

The NCIRP was first published in 2016 to serve as the framework for the United States’ cyber incident response. The anticipated changes to the plan were borne out of the rapid changes in the technology landscape and the threats associated with the advancements.

The administration’s National Cybersecurity Strategy tasks the ONCD and the Office of Management and Budget to set baseline cybersecurity rules for critical infrastructure and mandated CISA to promote a secure-by-design approach. It also tasks OMB with helping other government agencies speed up IT modernization programs to phase out vulnerable legacy systems.