On January 18, 2017, the Department of Homeland Security (“DHS”) issued an updated National Cyber Incident Response Plan (the “Plan”) as directed by Obama’s Presidential Policy Directive 41, issued this past summer, and the National Cybersecurity Protection Act of 2014.
The Plan applies to cyber incidents, and particularly focuses on significant cyber incidents that are likely to result in demonstrable harm to the United States’ national security interests, foreign relations or economy, or to the public confidence, civil liberties or public health and safety of the American people. The Plan describes a national approach to dealing with cyber incidents by addressing the role that the private sector, state and local governments, and multiple federal agencies play in responding to incidents, and how the actions of these stakeholders fit together to form an integrated response. According to DHS’ press release, the Plan is “not a tactical or operational plan for responding to cyber incidents” but rather is intended to “foster unity of effort for emergency operations planning and will help those affected by cyber incidents understand how Federal departments…provide resources to support mitigation and recovery efforts.”
DHS’ National Protection and Programs Directorate and Federal Emergency Management Agency’s National Integration Center led the Plan’s development, in coordination with the Department of Justice, the Secretary of Defense, the Sector Specific Agencies and other interagency partners, representatives from the 16 critical infrastructure sectors, and state and local governments.