The Cybersecurity and Infrastructure Security Agency published a supplemental manual to its infrastructure resilience planning framework, which provides guidance on improving critical infrastructure security and resiliency. The IRPF Playbook provides state, local, tribal, territorial (SLTT) and private sector stakeholders with processes to help reduce the risk of disruption to critical services during a cyberattack on critical infrastructure, as well as to keep recovery and restoration costs low.
The manual also provides “fictional scenarios like a recipe” to help understand how to implement the guidance, CISA said. The IRPF Playbook outlines key actions for resilience planning, such as establishing incident-response groups, identifying critical infrastructure and those that dependent on it, creating mitigation strategies and integrating solutions into existing protocols. The narrative hypotheticals illustrate how a community might conduct resilience planning or incorporate resilience into existing planning efforts.
“Reading through the Playbook process, not only are the IRPF steps articulated with clear inputs and outputs but the additional guidance on resilience concepts will help communities increase their readiness and bounce back quickly after a disaster,” said David Mussington, CISA’s executive assistant director for infrastructure security in a statement.
The new playbook is a voluntary planning resource, and does not carry “any regulations, define mandatory practices, provide a checklist for compliance or carry statutory authority,” according to CISA.
https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt387fd01355a30e8e/6670404e27143f1cee6b2560/Infrastructure_Jochen_Tack_Alamy.jpg?disable=upscale&width=1200&height=630&fit=crop
