Statutes, codes, and regulations
Florida Administrative Code
Department 60 - DEPARTMENT OF MANAGEMENT SERVICESDivision 60GG - Florida Digital Service
Chapter 60GG-2 - State of Florida Cybersecurity Standards
Section 60GG-2.006 - Recover

Fla. Admin. Code R. 60GG-2.006

Download
PDF
Current through Reg. 50, No. 095; May 14, 2024
Section 60GG-2.006 - Recover

The recover function of the SFCS is visually represented as such:

Function

Category

Subcategory

Recover (RC)

Recovery Planning (RP)

RC.RP-1: Execute recovery plan during or after a Cybersecurity Incident

Improvements (IM)

RC.IM-1: Incorporate lessons learned in recovery plans

RC.IM-2: Periodically update recovery strategies

Communications (CO)

RC.CO-1: Manage public relations

RC.CO-2: Repair reputation after an event

RC.CO-3: Communicate recovery activities to internal Stakeholders and executive and management teams

(1) Recovery Planning. Each Agency shall execute and maintain recovery processes and procedures to ensure restoration of systems or assets affected by Cybersecurity Incidents. Each Agency shall:
(a) Execute a recovery plan during or after an Incident (RC.RP-1).
(b) Mirror data and software, essential to the continued operation of critical Agency functions, to an off-site location or regularly back up a current copy and store at an off-site location.
(c) Develop procedures to prevent loss of data, and ensure that Agency data, including unique copies, are backed up.
(d) Document disaster recovery plans that address protection of critical IT Resources and provide for the continuation of critical Agency functions in the event of a disaster. Plans shall address shared resource systems, which require special consideration, when interdependencies may affect continuity of critical Agency functions.
(e) IT disaster recovery plans shall be tested at least annually; results of the annual exercise shall document plan procedures that were successful and specify any modifications required to improve the plan.
(2) Improvements. Each Agency shall improve recovery planning and processes by incorporating lessons learned into future activities. Such activities shall include:
(a) Incorporating lessons learned in recovery plans (RC.IM-1).
(b) Updating recovery strategies (RC.IM-2).
(3) Communications. Each agency shall coordinate restoration activities with internal and external parties, such as coordinating centers, Internet Service Providers, owners of attacking systems, victims, other CSIRTs, and vendors. Such activities shall include:
(a) Managing public relations (RC.CO-1).
(b) Attempts to repair reputation after an event, if applicable (RC.CO-2).
(c) Communicating recovery activities to Stakeholders, internal and external where appropriate (RC.CO-3).

Fla. Admin. Code Ann. R. 60GG-2.006

Rulemaking Authority 282.318(11) FS. Law Implemented 282.318(3) FS.

New 3-10-16, Amended 1-2-19, Formerly 74-2.006, Amended by Florida Register Volume 48, Number 174, September 7, 2022 effective 9/18/2022.