Florida Regulations 60GG-2.006: Recover
Current as of: 2024 | Check for updates
|
Other versions
The recover function of the SFCS is visually represented as such:
Function
Category
Subcategory
Recover (RC)
Recovery Planning (RP)
RC.RP-1: Execute recovery plan during or after a Cybersecurity Incident
(1) Recovery Planning. Each Agency shall execute and maintain recovery processes and procedures to ensure restoration of systems or assets affected by Cybersecurity Incidents. Each Agency shall:
(a) Execute a recovery plan during or after an Incident (RC.RP-1).
(b) Mirror data and software, essential to the continued operation of critical Agency functions, to an off-site location or regularly back up a current copy and store at an off-site location.
(c) Develop procedures to prevent loss of data, and ensure that Agency data, including unique copies, are backed up.
(d) Document disaster recovery plans that address protection of critical IT Resources and provide for the continuation of critical Agency functions in the event of a disaster. Plans shall address shared resource systems, which require special consideration, when interdependencies may affect continuity of critical Agency functions.
(e) IT disaster recovery plans shall be tested at least annually; results of the annual exercise shall document plan procedures that were successful and specify any modifications required to improve the plan.
(2) Improvements. Each Agency shall improve recovery planning and processes by incorporating lessons learned into future activities. Such activities shall include:
(a) Incorporating lessons learned in recovery plans (RC.IM-1).
(b) Updating recovery strategies (RC.IM-2).
(3) Communications. Each agency shall coordinate restoration activities with internal and external parties, such as coordinating centers, Internet Service Providers, owners of attacking systems, victims, other CSIRTs, and vendors. Such activities shall include:
(a) Managing public relations (RC.CO-1).
(b) Attempts to repair reputation after an event, if applicable (RC.CO-2).
(c) Communicating recovery activities to Stakeholders, internal and external where appropriate (RC.CO-3).
Rulemaking Authority Florida Statutes § 282.318(11). Law Implemented 282.318(3) FS. History—New 3-10-16, Amended 1-2-19, Formerly 74-2.006, Amended 9-18-22.
Function
Category
Subcategory
Recover (RC)
Recovery Planning (RP)
RC.RP-1: Execute recovery plan during or after a Cybersecurity Incident
Improvements (IM)
RC.IM-1: Incorporate lessons learned in recovery plans
RC.IM-2: Periodically update recovery strategies
Communications (CO)
RC.CO-1: Manage public relations
RC.CO-2: Repair reputation after an event
RC.CO-3: Communicate recovery activities to internal Stakeholders and executive and management teams
Terms Used In Florida Regulations 60GG-2.006
- Assets: (1) The property comprising the estate of a deceased person, or (2) the property in a trust account.
(a) Execute a recovery plan during or after an Incident (RC.RP-1).
(b) Mirror data and software, essential to the continued operation of critical Agency functions, to an off-site location or regularly back up a current copy and store at an off-site location.
(c) Develop procedures to prevent loss of data, and ensure that Agency data, including unique copies, are backed up.
(d) Document disaster recovery plans that address protection of critical IT Resources and provide for the continuation of critical Agency functions in the event of a disaster. Plans shall address shared resource systems, which require special consideration, when interdependencies may affect continuity of critical Agency functions.
(e) IT disaster recovery plans shall be tested at least annually; results of the annual exercise shall document plan procedures that were successful and specify any modifications required to improve the plan.
(2) Improvements. Each Agency shall improve recovery planning and processes by incorporating lessons learned into future activities. Such activities shall include:
(a) Incorporating lessons learned in recovery plans (RC.IM-1).
(b) Updating recovery strategies (RC.IM-2).
(3) Communications. Each agency shall coordinate restoration activities with internal and external parties, such as coordinating centers, Internet Service Providers, owners of attacking systems, victims, other CSIRTs, and vendors. Such activities shall include:
(a) Managing public relations (RC.CO-1).
(b) Attempts to repair reputation after an event, if applicable (RC.CO-2).
(c) Communicating recovery activities to Stakeholders, internal and external where appropriate (RC.CO-3).
Rulemaking Authority Florida Statutes § 282.318(11). Law Implemented 282.318(3) FS. History—New 3-10-16, Amended 1-2-19, Formerly 74-2.006, Amended 9-18-22.