[{"Identifier": "CYB.030.010","Activity": "Coordination","Description": "Activities are coordinated with internal and external parties (e.g. coordinating centers, Internet Service Providers, owners of attacking systems, victims, other CSIRTs, and vendors)."},{"Identifier": "CYB.030.020","Activity": "Communications","Description": "Communicate activities across the organization in order to quickly disseminate the right information to the right people at the right time."},{"Identifier": "CYB.030.030","Activity": "Continuous Improvement","Description": "Planning and processes are improved by incorporating lessons learned into future activities."},{"Identifier": "CYB.030.040","Activity": "Response Planning","Description": "Response processes and procedures are maintained, to ensure response to detected cybersecurity incidents."},{"Identifier": "CYB.030.050","Activity": "Information Sharing","Description": "Maintain relations between organizational and federal experts in order to share relevant and needed information."},{"Identifier": "CYB.030.060","Activity": "Monitoring and Response Prioritization","Description": "Prioritize mission systems and data in security monitoring and incident response systems."},{"Identifier": "CYB.030.070","Activity": "Supply Chain Risk Management","Description": "Consistent cyber supply chain risk management processes are identified, established, assessed, managed, and agreed to by component stakeholders."}]