U.S. federal cybersecurity agency CISA said it did not have a prepared response plan for how it should handle a cybersecurity incident in May, after an investigative reporter notified the agency that a contractor had publicly exposed sensitive keys and credentials for accessing U.S. government systems.
CISA, the Homeland Security unit tasked with defending federal networks and helping to safeguard critical infrastructure, revealed Friday in a post-mortem report that its staff “had to spend time building [a playbook] during the early stages of the incident.” The agency said it is important to prepare playbooks for “all anticipated needs” to ensure that organizations are ready to respond in the event of a security incident rather than scrambling to improvise one in real time.