The National Institute of Standards and Technology has released a guide the agency developed to help organizations resume their normal operations after a cybersecurity incident.NIST said in the guide issued June 6 that the document aims to assist government agencies in efforts to incorporate cyber recovery processes and procedures into their enterprise risk management plan.
After a 2015 review over cybersecurity systems and plans of federal agencies, the government discovered what NIST called “inconsistencies in cyber event response capabilities among federal agencies.â€
“Although there are existing federal policies, standards and guidelines on cyber event handling, none of them focuses solely on improving security recovery capabilities, nor is the fundamental information captured in a single document,†NIST said.
NIST wants agencies to use the guide in their work to develop recovery plans in form of customized playbooks.
