"The National Institute of Standards and Technology (NIST) is seeking information relating to Computer Security Incident Coordination (CSIC). NIST is seeking this information as part of the research needed to write a NIST Special Publication (SP) to help Computer Security Incident Response Teams (CSIRTs) to coordinate effectively when responding to computer security incidents. The NIST SP will identify technical standards, methodologies, procedures, and processes that facilitate prompt and effective response.
This RFI requests information regarding technical best practices, current practices, impediments to information sharing and response, risks of collaborative incident response, the role of technology and standards in incident coordination, specific technical standards and technologies that have been found helpful (or ineffective), opportunities for improvement, viewpoints on incident coordination objectives, and suggestions for guidance. In developing the SP, NIST will consult with the Department of Homeland Security, the National Security Agency, other interested federal agencies, the Office of Management and Budget, and individually with other parties who respond to this RFI to discuss their comments and seek further information. The SP will be developed through an open public review and comment process that may include workshops as needed."
