On July 11, 2019, the National Governors Association released a new publication on the topic of cyber disruption response plans across America.

The report examines state cyber disruption response plans, providing recommendations for state officials who want to create or review their own response plans.

“With the integration of information technology into critical services, state and territorial officials must now expand their focus to consider the consequences of cyber attacks that have physical impacts and threaten public safety,” reads the report. The need for a coordinated capability to respond to emerging cyber threats has become even more vital as different types of cyber attacks have caused major critical infrastructure disruptions.

NGA differentiates cyber disruption response plans from cyber incident response plans. Cyber incident response plans deal with “cyberattacks that compromise the confidentiality, integrity or availability” of the data being collected, transmitted or stored by state computer systems. These plans “address potential incidents that affect state IT infrastructure, their development and execution generally fall under the purview of the state CIO.”

On the other hand, cyber disruption response plans are developed to prepare for, respond to and recover from a significant cyber incident that “pose demonstrable harm to the national security interests, foreign relations, or economy of the United States or to the public confidence, civil liberties, or public health and safety of [the public].” These plans differ from incident response plans because they require multiple agencies to coordinate activities and implement traditional emergency management and homeland security operations.

The report highlights 15 states with publicly available cyber disruption response plans, and it examines how they compare against the 14 core capabilities in the Department of Homeland (DHS) Security’s National Cyber Incident Response Plan (NCIRP), which establishes protocols to guide any federal and state response to a “significant (Read more...)