Emergency management personnel play a central role in preparing for and responding to cyber incidents in their jurisdictions. Although emergency managers are not expected to be technical experts on cyber incidents, they do need to understand and prepare for the potential impacts of a cyber incident on their communities as well as on their emergency operations. Knowing whom to engage when a cyber incident occurs and having plans in place to effectively address an incident’s impacts is central to the role of emergency managers, regardless of hazard type.
Developed by the Federal Emergency Management Agency (FEMA) in collaboration with the Cybersecurity and Infrastructure Security Agency (CISA), this guide is intended to help state, local, tribal, and territorial (SLTT) emergency management personnel collaboratively prepare for a cyber incident and support the development of a cyber incident response plan or annex. While focused on the roles and responsibilities that emergency managers in government may have, emergency managers in academia, nonprofits, or the private sector may also find the concepts helpful, especially if they serve on a jurisdiction’s planning team.
Nearly all aspects of society heavily rely on networked technologies. From phones and communications systems to home appliances and security systems, to transportation systems, medical systems, and utility services, nearly all aspects of society rely on networked technologies to communicate and operate. While increased interconnectedness provides better and more efficient services in many ways, the increasing reliance on technology and cyber connections may lead to cyber incidents with far-reaching and devastating impacts. An interruption in one organization or system, whether from a natural hazard, human error, equipment failure, or malicious attack, may have widespread impacts across a network. In the worst cases, this puts lives at risk and causes significant economic challenges. For these reasons, it is increasingly important that organizations and jurisdictions have a cybersecurity program in place to protect against disruptions and a cyber incident response plan in place to enable quick, effective resolutions when an incident occurs.
Read the full report from CISA here.
