Chapter 7: Participating in a National Cyberspace Security Response System

Overview

The National Strategy to Secure Cyberspace provides a framework for organizing and prioritizing cybersecurity efforts by setting the direction for federal government departments and agencies that have roles in cybersecurity. In addition, it identifies steps that state and local governments, private companies and organizations, and individual citizens can take to participate in national efforts. The strategic objectives of the National Strategy to Secure Cyberspace are the following:

• Preventing cyberattacks against national critical infrastructures.

• Reducing national vulnerability to cyberattacks.

• Minimizing damage and recovery time from cyberattacks that do occur.

This chapter discuses the goals of priority I of the National Strategy to Secure Cyberspace, which calls for participation in a national cyberspace security response system and establishes the steps that an organization should take, including the following:

• Prepare to participate in a public-private architecture for responding to national-level cyberincidents, which may mean that under certain alert conditions, organizations will need to reports various types of activities and intrusion attempts.

• Prepare to contribute to the development of tactical and strategic analysis of cyberattacks and vulnerability assessments, which will require more detailed reporting of activities and intrusion attempts on an ongoing basis.

• Join in a shared synoptic view of the health of cyberspace with government agencies and other organizations.

• Be a recipient of information from an expanded CWIN when DHS is coordinating crisis management activities for cyberspace security and participate in national incident-management efforts.

• Participate in the development of national public-private continuity and contingency planning efforts, as well as mobilization exercises to test plans.