Why and how to treat cyber attacks like natural disasters

Mon, 2019-07-29 14:12 -- Philip Bane
“We have spent a lot of time in Texas this summer, helping plan to make Texas communities resilient to natural disasters. Now, Texas needs to consider how to make its communities resilient to cybersecurity disasters as 22 small towns were recently subject to ransomware attacks. Our work in Virginia takes the approach that region wide approaches need a common governance approach with discovery of facts on the ground, followed by knowledge exchange and collaborative planning. Collaborative, region-wide data governance policies are needed to make communities resilient to cybersecurity risks. Upgrading your own IT infrastructure is not enough - you need a regional approach because hackers attack the weakest link, a link you may be sharing data with."
 
To deal with hurricanes, floods, and other natural disasters, states rely on disaster plans prepared by experienced emergency management teams. But with information technology (IT) now baked into so many critical services, states must expand their focus to include the consequences of cyber attacks.
 
That’s the conclusion of “State Cyber Disruption Response Plans,” a recent issue brief from the National Governors Association  (see link below). In brief, states and cities need to add to their emergency response preparations to get ready for cyber attacks. More specifically, they need a plan that details which agencies will respond; who will do what; and how they will coordinate. “Like a Category 5 hurricane, states realize that they have a role in mitigating the impact of such a scenario.” 
 
The issue brief also examines how state plans should align with the National Cyber Incident Response Plan developed by the U.S. Department of Homeland Security.
 
The NGA brief reviewed plans from 15 states in formulating their recommendations. Typical response plans invoke pre-planned leadership structures to oversee and coordinate activities from agencies such as Information Technology, Emergency Response, Law Enforcement, and National Guard. It sets forth 14 specific recommendations, backed up with comparisons between different plans and links to important information.
 
“Strengthening state preparation for and response to a significant cyber incident is critical to achieving national resiliency,” the issue brief warns. “Significant cyber incidents could… stretch the federal government’s ability to respond. In such a situation, states will need plans in place to ensure they are organized and prepared to respond without federal assistance.
Article DL File: