Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

ITL Bulletin

Guide for Cybersecurity Incident Recovery

Date Published: February 2017


Murugiah Souppaya (NIST), Larry Feldman (G2), Gregory Witte (G2)



cyber event; cybersecurity; Cybersecurity Framework (CSF); Cybersecurity National Action Plan (CNAP); Cybersecurity Strategy and Implementation Plan (CSIP); metrics; planning; recovery; resilience
Control Families

Access Control; Awareness and Training; Assessment, Authorization and Monitoring; Contingency Planning; Incident Response; Planning; Program Management; Risk Assessment; System and Information Integrity


Download (pdf)

Supplemental Material:
None available

Related NIST Publications:
SP 800-184

Document History:
02/17/17: ITL Bulletin (Final)