Cyber Incident Annex

Overview
The Cyber Incident Annex discusses policies, organization, actions, and responsibilities for a coordinated, multidisciplinary, broad-based approach to prepare for, respond to, and recover from cyber-related Incidents of National Significance impacting critical national processes and the national economy.

Scope
The Annex describes the framework for federal cyber incident response coordination among federal departments and agencies and, upon request, State, local, tribal, and private-sector entities. The Annex is built primarily upon the National Cyberspace Security Response System (NCSRS), described in the National Strategy to Secure Cyberspace. The NCSRS is a public-private architecture that provides mechanisms for rapid identification, information exchange, response, and remediation to mitigate the damage caused by malicious cyberspace activity.

This framework may be utilized in any Incident of National Significance with cyber-related issues, including significant cyberthreats and disruptions; crippling cyberattacks against the Internet or critical infrastructure information systems; technological emergencies; or Presidentially-declared disasters.