Florida Administrative Code
60 - DEPARTMENT OF MANAGEMENT SERVICES
60GG - Florida Digital Service
Chapter 60GG-2 - STATE OF FLORIDA CYBERSECURITY STANDARDS
Section 60GG-2.006 - Recover

Universal Citation: FL Admin Code R 60GG-2.006

Current through Reg. 50, No. 187; September 24, 2024

The recover function of the SFCS is visually represented as such:

Function

Category

Subcategory

Recover (RC)

Recovery Planning (RP)

RC.RP-1: Execute recovery plan during or after a Cybersecurity Incident

Improvements (IM)

RC.IM-1: Incorporate lessons learned in recovery plans

RC.IM-2: Periodically update recovery strategies

Communications (CO)

RC.CO-1: Manage public relations

RC.CO-2: Repair reputation after an event

RC.CO-3: Communicate recovery activities to internal Stakeholders and executive and management teams

(1) Recovery Planning. Each Agency shall execute and maintain recovery processes and procedures to ensure restoration of systems or assets affected by Cybersecurity Incidents. Each Agency shall:

(a) Execute a recovery plan during or after an Incident (RC.RP-1).

(b) Mirror data and software, essential to the continued operation of critical Agency functions, to an off-site location or regularly back up a current copy and store at an off-site location.

(c) Develop procedures to prevent loss of data, and ensure that Agency data, including unique copies, are backed up.

(d) Document disaster recovery plans that address protection of critical IT Resources and provide for the continuation of critical Agency functions in the event of a disaster. Plans shall address shared resource systems, which require special consideration, when interdependencies may affect continuity of critical Agency functions.

(e) IT disaster recovery plans shall be tested at least annually; results of the annual exercise shall document plan procedures that were successful and specify any modifications required to improve the plan.

(2) Improvements. Each Agency shall improve recovery planning and processes by incorporating lessons learned into future activities. Such activities shall include:

(a) Incorporating lessons learned in recovery plans (RC.IM-1).

(b) Updating recovery strategies (RC.IM-2).

(3) Communications. Each agency shall coordinate restoration activities with internal and external parties, such as coordinating centers, Internet Service Providers, owners of attacking systems, victims, other CSIRTs, and vendors. Such activities shall include:

(a) Managing public relations (RC.CO-1).

(b) Attempts to repair reputation after an event, if applicable (RC.CO-2).

(c) Communicating recovery activities to Stakeholders, internal and external where appropriate (RC.CO-3).

Rulemaking Authority 282.318(11) FS. Law Implemented 282.318(3) FS.

New 3-10-16, Amended 1-2-19, Formerly 74-2.006, Amended 9-18-22.

Disclaimer: These regulations may not be the most recent version. Florida may have more current or accurate information. We make no warranties or guarantees about the accuracy, completeness, or adequacy of the information contained on this site or the information linked to on the state site. Please check official sources.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.