Home » Functions » Plan (RC.RP) » RC.RP-4 Recovery Communications

Description

This covers two aspects of communications.

1)  Out-of-band communication (OOB)

Out of band communication is the ability to use alternative communication channels outside those impacted by the cyber incident or normally used for normal IT operations to avoid being intercepted by the adversary. OOB includes ‘lights-out-management’ interfaces that are used in the event of disaster recovery, e.g. Integrated Lights-Out (iLO), intelligent platform management interface (IPMI).

2) Recovery communication plan.

Social recovery communication plan is a set of description on how the various stakeholders, e.g. service providers, recovery providers (See RC.CI-6), hosting providers, and internal stakeholders will be contacted and informed in the event of recovery operation ^[21]. This includes specific notification and reporting or escalation procedures e.g. Press Office, Human Resource, Legal and Public Relations notifications ^[12]. If an organisation has a crisis communication plan, then cyber recovery communication plan can be merged into one document or included to the crisis communications plan. A crisis communication plan documents standard procedure (SOPs) for internal and external communications in the event of a disruption ^[30].

Outcomes / Outputs

(Conduct / Fix / Ingest / List / Plan / Procure / Produce / Report / Review / Set / Test  / Train )

1. List Out-of-band communication (OOB)
2. Produce recovery communication plan that includes crisis communications

Reference

12. NIST SP 800-184 (2016), “Guide for Cybersecurity Event Recovery”, NIST Special Publication 800-184. December 2016. https://doi.org/10.6028/NIST.SP.800-184

21. NIST Cybersecurity Framework [2018], “Framework for Improving Critical Infrastructure Cybersecurity”, a.k.a. CSF, Version 1.1. April 16, 2018.

30. NIST Special Publication 800-34 Rev. 1 (2010), “Contingency Planning Guide for Federal Information Systems”, NIST, May 2010.