Planning for Significant Cyber Incidents


Cyber incidents that pose a great threat to national security, foreign relations, and the U.S. economy are on the rise. The Cybersecurity and Infrastructure Security Agency (CISA) asked the Homeland Security Operational Analysis Center (HSOAC) to develop a how-to guide (not available to the general public) to address this issue and assist decisionmakers in planning and responding to these incidents. HSOAC has released a report summarizing the major concepts of the contingency plan (CONPLAN) in the how-to guide. HSOAC emphasizes the biggest risk is in regard to U.S. National Critical Functions (NCFs).

The U.S. government defines NCFs as:

functions of government and the private sector so vital to the United States that their disruption, corruption, or dysfunction would have a debilitating effect on security, national economic security, national public health or safety, or any combination thereof.”

The report outlines the planning process in five steps:

  1. Gather data and survey the threats;
  2. Develop mission statements and objectives;
  3. Develop courses of action;
  4. Draft a plan; and
  5. Evaluate risks to the plan.

CISA intends for this report to enhance cyber incident coordination efforts among private-sector stakeholders and federal respondents. Because there have been relatively few cyber incidents, it is necessary to refine federal capabilities to improve preparedness. Through planning, stakeholders can increase their coordination and communication efforts and eventually share their insights with CISA to further secure NCFs.

For more information, check out HSDL’s In Focus on Cyber Crime and National SecurityCyber Infrastructure Protection, and Cyber Policy.


Note: you may need to login to the HSDL to view some resources mentioned in the blog.

Need help finding something?  Ask our librarians for assistance!

Scroll to Top