Putting together an effective cybersecurity plan is key to mitigating, responding to, and recovering from cyber attacks, including malware, ransomware, and data exfiltration. There are multiple steps that are essential to this process. NRECA's RC3 program has tools and resources to assist cooperatives with each of these steps, as well as information on other leading cybersecurity entities from whom cooperatives could benefit.

Assessment

• RC3 Cybersecurity Self-Assessment Toolkit
• Hardcopy (2018)
• Online (2019)
• Guide to Developing a Cyber Security and Risk Mitigation Plan (2014)
  

Incident Response

Develop an incident response plan.

• RC3 Guide to Developing a Cyber Security and Risk Information Plan
  

• Computer Security Incident Handling Guide (NIST SP 800-161 r2)
  

Exercise Your Skills

Test your incident response plan with periodic exercises.

• Tabletop Exercise (TTX) Toolkit
  

Share Information Regularly

Keep up to date on the latest trends by participating in an information sharing program.

• RC3 Cybersecurity Information Sharing Resources
  
• Essence - Threat Detection and Mitigation
  
• Professional Communities
  

• US-CERT (CISA)
  
• E-ISAC
  
  

Share Information When a Victim

Share information when you are the victim of a cyber attack to help others strengthen their defenses.

• FBI Fusion Center (different for each state)
  
• InfraGuard (FBI)
  
• US-CERT (CISA)
  
• E-ISAC (DOE)
  

Train and Repeat

Cybersecurity training never ends.