This document provides guidance to Federal Government departments and agencies (D/As); state, local, tribal, and territorial government entities; Information Sharing and Analysis Organizations; and foreign, commercial, and private-sector organizations for submitting incident notifications to the Cybersecurity and Infrastructure Security Agency (CISA)/United States Computer Emergency Readiness Team (US-CERT).

The Federal Information Security Modernization Act of 2014 (FISMA) defines "incident" as "an occurrence that (A) actually or imminently jeopardizes, without lawful authority, the integrity, confidentiality, or availability of information or an information system or (B) constitutes a violation or imminent threat of violation of law, security policies, security procedures, or acceptable use policies." FISMA requires federal Executive Branch civilian agencies to notify and consult with US-CERT regarding information security incidents involving their information and information systems, whether managed by a federal agency, contractor, or other source. This includes incidents involving control systems, which include supervisory control and data acquisition (SCADA) systems, distributed control systems (DCS), programmable logic controllers (PLCs) and other types of industrial measurement and control systems. Reporting by entities other than federal Executive Branch civilian agencies is voluntary.

These guidelines support US-CERT in executing its mission objectives and provide the following benefits:

- Greater quality of information – Alignment with incident reporting and handling guidance from NIST 800-61 Revision 2 to introduce functional, informational, and recoverability impact classifications, allowing US-CERT to better recognize significant incidents.
- Improved information sharing and situational awareness – Establishing a one-hour notification time frame for all incidents to improve US-CERT’s ability to understand cybersecurity events affecting the government.

These guidelines are effective April 1, 2017. D/As are permitted to continue reporting incidents using the previous guidance until said date. PDF version of this guideline document available here. For questions, please email