1 March 2016 I attended the working session the NIST put together at the RSA conference yesterday regarding input from the public for their guidance on response and recovery. There were about thirty people in attendance for about an hour and a half. Kevin Stine and Donna Dodson along with several other NIST folks and their contractor for this project G2 Inc were there in support.
They seem to be approaching this from a general point of view.
Utilizing Service Management
This Forum is approaching response, recovery, and minimization of damage from a perspective of utilizing IT Service Management Best practices so all in the discussion will be utilizing a common lexicon for the approach. We will add the cyber perspective to that of incident response and recover and minimize impact. We will share these lessons with the NIST. This approach will complement what they are doing.