1. Each political subdivision shall adopt and maintain a cybersecurity incident response plan. Each new or revised plan must be filed within 10 days after adoption or revision with the Office.
2. The Office shall, by regulation, prescribe the contents of a cybersecurity incident response plan, which must include, without limitation, a plan:
(a) To prepare for a cybersecurity threat;
(b) To detect and analyze a cybersecurity threat;
(c) To contain, eradicate and recover from a cybersecurity incident; and
(d) For postincident activity that includes a discussion regarding information learned and any analytics associated with the cybersecurity incident.
3. Each political subdivision shall review its cybersecurity incident response plan at least once each year and, as soon as practicable after the review is completed but not later than December 31 of each year, file with the Office:
(a) Any revised cybersecurity incident response plan resulting from the review; or
(b) A written certification that the most recent cybersecurity incident response plan filed pursuant to this subsection or subsection 1 is the current cybersecurity incident response plan for the political subdivision.
4. Except as otherwise provided in NRS 239.0115, a cybersecurity incident response plan filed pursuant to the requirements of this section, including any revisions adopted thereto, is confidential and must be securely maintained by the Office. An officer, employee or other person to whom the plan is entrusted by the Office shall not disclose the contents of such a plan except:
(a) Upon the lawful order of a court of competent jurisdiction;
(b) As is reasonably necessary in the case of an act of terrorism or related emergency; or
(c) Pursuant to the provisions of NRS 239.0115.
5. As used in this section, “political subdivision” means a city or county of this State.
(Added to NRS by 2019, 2472)