Laserfiche WebLink
Cybersecurity Incident Response Plan <br />Kittitas County Department of Information Technology <br /> <br />Excerpts of Plan Changes… <br />Roles and Responsibilities <br />Communications Director <br /> Communicate applicable cybersecurity incidents to the public and press <br />Definition of a cybersecurity incident <br />Any adverse event that threatens the confidentiality, integrity, or <br />availability of the county’s data or information resources. <br />While this definition includes numerous types of cybersecurity incidents, the requirement for <br />cybersecurity incident reporting, regardless of malicious or accidental origin, is limited to serious <br />incidents. <br />A serious incident is an incident that might pose a substantial threat to county records, resources, <br />and/or services. An incident is designated as serious if it meets one or more of the following criteria: <br />1. Involves potential, accidental, or other unauthorized access or disclosure of sensitive (Category <br />2) or confidential information (Categories 3 and 4) <br />2. Involves legal issues including criminal activity, or might result in litigation or regulatory <br />investigation <br />3. Might cause severe disruption to critical services <br />4. Involves active threats <br />5. Is widespread <br />6. Is likely to be of public interestin the public’s best interest <br />7. Is likely to cause reputational harm to the county <br />Communication <br />All communication regarding the cybersecurity incident will include only the minimum necessary <br />information, only to those who need it. <br />All cybersecurity incident communication from IT will be reviewed by the IT Director before <br />dissemination. <br />All cybersecurity incident communication with the press will be provided by the Communications <br />Director or the BoCC or their non-IT designee; however, it is advised the communication be reviewed by <br />the IT Director before released.