Additional work is needed at all levels of government to address the myriad capability gaps in cybersecurity preparedness and response among the first responder and emergency management community, according to a new Federal Emergency Management Agency (FEMA) Lessons Learned Information Sharing (LLIS) research team trend analysis.
The LLIS team arrived at this conclusion after reviewing the 2012 State Preparedness Reports (SPRs) and 16 After Action Reports (AARs) related to cybersecurity.
In an effort to explore and understand key gaps in the cybersecurity capability of the emergency management community, the LLIS.gov team conducted research and analysis to examine the challenges confronting cybersecurity efforts and to identify overall trends within cybersecurity.
“The goal of the analysis was to identify recurring issues to help emergency managers address challenges in cybersecurity efforts and establish a framework for further research into specific cybersecurity issues,” the LLIS trend analysis said.
The following are key trends identified as a result of the analysis.
Planning
Many states and localities lack effective plans to manage cybersecurity efforts and ensure the availability of necessary resources.
Key topics, gaps and areas of interest within planning in cybersecurity:
- Developing a cybersecurity plan at a state or local level;
- Establishing pre-defined support agreements; and
- Establishing or including resource acquisition plans.
Coordination
The LLIS trend analysis said that “Proper coordination to ensure all entities are working in unison to prevent and respond to cyber incidents is an integral element of cybersecurity. It is essential that entities at all levels of government work together, including working with the private sector, to overcome the broad scope and rapid spread of cyber incidents. This includes facilitating information sharing about threats and attacks and leveraging resources to reduce risk and mitigate damage.”
Key topics, gaps and areas of interest within coordination in cybersecurity:
- Handling incident coordination;
- Improving information sharing & information gathering;
- Forming public-private partnerships; and
- Enabling coordination between state and federal resources.
Incident response
“Understanding roles and responsibilities of federal and state authorities, as well as use of response tools, can help effectiveness of response efforts to cyber incidents,” the FEMA LLIS trend analysis report said. “Issues with communication and outreach about cybersecurity threats and the impact of ongoing cyber incidents can further impede response capacity.”
Key topics, gaps and areas of interest within incident response in cybersecurity:
- Agency response tools and tactics (including, but not limited to, electronic tactical response, and response from law enforcement, firefighting, medical/public health, and public works personnel);
- Determining the role and decision-making process of federal entities;
- Determining the role and decision-making process of state entities; and
- Maintaining and improving communications and outreach.
Prevention
The LLIS research team said “Authorities can help prevent the occurrence of cyber incidents and mitigate risks by performing assessments of system’s capacity to handle incidents and by taking steps to limit potential opportunities for unauthorized access to systems.”
Key topics, gaps, and areas of interest within planning in cybersecurity:
- Preventing unauthorized access to systems;
- Situational awareness & threat detection;
- Identifying new threats and innovations in the cyber field; and
- Evaluating continuity of service capability & establishing redundancies in essential systems.
Training & exercises
Authorities at all levels could benefit from improvements in training and exercise programs to increase awareness of cybersecurity issues, identify potential threats to systems, and evaluate the effectiveness of existing plans and response capability.
Key topics, gaps, and areas of interest within training and exercises in cybersecurity:
- Developing and executing programs to improve awareness & recognition of issues;
- Creating and conducting cybersecurity exercises; and
- Cybersecurity training programs and educational materials.
http://www.hstoday.us/focused-topics/emergency-managementdisaster-preparedness
No comments:
Post a Comment