Federal agencies get new cybersecurity response playbooks
CISA incident response decision tree for federal civilian executive branch agencies
Andrea Peterson November 16, 2021

Federal agencies get new cybersecurity response playbooks

Andrea Peterson

November 16, 2021

Federal agencies get new cybersecurity response playbooks

Federal agencies have new guidance for how to respond to cybersecurity incidents and vulnerabilities. The Cybersecurity and Infrastructure Security Agency (CISA) released playbooks Tuesday that include standardized response procedures for federal civilian executive branch agencies facing such threats.

President Joe Biden tasked CISA with developing the guidance in his May Executive Order on cybersecurity. The playbooks cover how agencies should manage cybersecurity processes related to incidents and vulnerabilities—including preparation, investigation, containment, reporting, and remediation.

While the procedures were developed for use by the federal government, CISA also encourages organizations involved in other levels of government, controlling critical infrastructure, and in the private sector “review them to benchmark their own vulnerability and incident response practices.”

Andrea (they/them) is senior policy correspondent at The Record and a longtime cybersecurity journalist who cut their teeth covering technology policy ThinkProgress (RIP), then The Washington Post from 2013 through 2016, before doing deep dive public records investigations at the Project on Government Oversight and American Oversight. Their work has also been published at Slate, Politico, The Daily Beast, Ars Technica, Protocol, and other outlets. Peterson also produces independent creative projects under their Plain Great Productions brand and can generally be found online as kansasalps.