CISA issues draft National Cyber Incident Response Plan for public comment

Bottom line for healthcare leaders

You have until January 15, 2025, to submit public comment on the National Cyber Incident Response Plan (NCIRP), the nation’s strategic framework for coordinated response to cyber incidents. NCIRP highlights four lines of effort: Asset Response, Threat Response, Intelligence Support, and Affected Entity Response. It includes coordination mechanisms, key decision points, and priority activities across the cyber incident response lifecycle.

What happened

CISA, in coordination with the Office of the National Cyber Director (ONCD), has published a draft of the new NCIRP. The agency is seeking public comment on the draft.

CISA collaborated extensively with government and industry partners to provide an agile, actionable updated framework that ensures coherent coordination to match the pace of our adversaries.

Why NCIRP matters

Cyber incidents are a major threat to the healthcare sector. The NCIRP provides a framework for how the government and private sector can work together to respond to these threats, which has been increasingly targeted by malicious actors.

The draft plan highlights the Health Sector Cybersecurity Coordination Center (HC3) and Health ISAC as healthcare-specific resources for additional cyber incident response information.

Healthcare impact

The NCIRP will help to improve the cybersecurity of the healthcare sector and reduce the risk of cyberattacks.

Additional information and resources

• The NCIRP public comment draft  
• Public comments can be submitted through Jan. 15, 2025, at the Federal Register entry for the NCIRP draft.
• Health Stealth Radio: Leveraging simulation in cyber breach communications response strategy
• Cybersecurity resilience takes center stage at CHIME Fall Forum 2024