1 Aug 2019
Here in the digital age, threats to cybersecurity have become more challenging than ever. But did you know that to combat them, states have implemented emergency response plans? They differentiate two types of cyberattack and how to protect state infrastructure against them in cyber incident response plans and cyber disruption response plans. A cyber incident refers to an attack that compromises data collected, transmitted, or stored in state computer systems. On the other hand, a cyber disruption refers to an incident that poses a significant threat to national security, foreign relations, the U.S. economy, or public safety and freedom. Cyber incidents are usually handled by the state CIO, but a cyber disruption is far more severe. In those cases, federal agencies must coordinate their services to carry out an effective emergency response.
Answering The CallOn July 11, the National Governors Association released a report on these cyber disruption response plans to recommend to state officials how to create or review their own. It examines 15 states with publicly available plans, then compares them to the 14 core capabilities in the Department of Homeland Security’s National Cyber Incident Response Plan. According to the report, every plan emphasized a holistic approach: states responded by recognizing how all-encompassing the impact of a cyberattack could be. From specific threat protocols to integrating National Guard resources, the NGA’s recommendations highlight the importance of treating a cyber disruption like any other statewide emergency. One recommendation even proposed a volunteer-based cybersecurity force alongside other cyber response teams, which would work “akin to a volunteer fire department” and assure a greater autonomy for afflicted states. Yet the report not only emphasizes the importance of response plans; it also confronts the role of states in emergencies that demand federal assistance. Regardless of how each individual government chooses to respond to cyberattacks, the report notes that they must also recognize that “significant cyber incidents could affect [critical infrastructure] across state lines and stretch the federal government’s ability to respond,” which means states must be prepared to mobilize without federal assistance.
Fight Fire With IngenuityFor many state and local governments across the country, cybersecurity is already a critical priority. But when the time comes to mobilize against cyberattacks, will you be prepared to respond? Our Red Team Assessment evaluates your existing security controls for the same effectiveness and resilience that state and local governments are striving for. We make use of a tried-and-true method that simulates real-world cyberattacks:
- Penetration Testing (internal and external)
- Social Engineering/Phishing Attacks (by phone, email, and in-person; we take this to the next level by attempting an actual breach of your network)
- Physical Access (perimeter sweep, building access, secure interior room access)
- Black Box (planting rogue remote-access devices in the production network)
- Secure Document Disposal (secure/common waste disposal, dumpster inspection)
- Wireless (forged authentication, encryption testing, device spoofing)