Cyber disruption in critical infrastructure is no longer a theory, states must be prepared
The trade association NASCIO has released a series of recommendations for how states should prepare for cyber disruption and respond to these attacks.
The National Association of State Chief Information Officers is urging its members to put plans in place for how they’d handle cyber disruption on pieces of critical infrastructure, like power grids or water treatment facilities.
The trade association issued a “planning guide” Thursday, laying out how states can prepare for a so-called “cyber disruption,” which it defines as an event that “either causes a disaster, or is specifically launched by a perpetrator to coincide with a natural disaster.”
Cybersecurity has been on the annual “State CIO Top 10 Priorities” published by NASCIO since the inception of the list in 2006. Since then, the frequency, magnitude and sophistication of cyber-attacks has continued to increase at an accelerated pace. States must develop, mature and test capabilities for dealing with the aftermath of such events that could disrupt the continuity of government.
The guidance is made up of a three-volume set that includes a report on cyber disruption response planning, a comprehensive checklist and a cross-functional process description. Together the documents provide guidance on governance, communications and operating discipline for cyber disruption response planning.
In a statement, New Mexico CIO and NASCIO President Darryl Ackley said the group envisions the guide serving as “both a practical implementation document and a call to action for states to develop state cyber disruption response plans.”
The report is careful to distinguish between run-of-the-mill cyber incidents — stray attacks on state systems that state chief information security officers are traditionally charged with monitoring — and the more advanced attacks on infrastructure that can have “significant or even catastrophic effects” on governments, and require “a coordinated response from a whole host of organizations.”
Due to the need for that high level of coordination, NASCIO’s analysts recommend that every state establish a “cyber disruption team” to detect these kinds of attacks and respond to them once they happen. The association suggests that the state CISO head up this team, but it recommends including representatives from all parts of the government, including the governor’s office and law enforcement agencies.
NASCIO also calls on CISOs and their cyber disruption teams to maintain open lines of communication with other states, as well as with federal information sharing organizations and private sector firms to build a “collaborative network” that’s prepared for any major disruption.
Indeed, the analysts stress that “communication is possibly the most critical element of a cyber disruption response plan,” and they add that states should ensure their alternative communication networks (like emergency radio systems) can function even with the type of major grid failures that could stem from an attack.
The full report here