The states are tightening cyber response coordination between government and industry to minimize the potential impact of network disruptions on the region, according to Adam Wehrenberg, project director of the New England Regional Catastrophic Preparedness Initiative. Under the plan the three state governments, as well as the city governments of Boston and Providence, would cooperate in planning for catastrophic events.
“As our world increasingly hinges on technology, we have to shift thinking so that we begin to view cyber-disruptions as potentially significant events, rather than just inconveniences. Cyber-disruption may not result in a simple e-mail outage, but may be the cause (or effect) of a much greater emergency”, Wehrenberg said in a report by Emergency Management magazine.
Under a $1 million Regional Catastrophic Preparedness Grant, the states developed a Regional Cyber Disruption Plan Annex to their Regional Catastrophic Coordination Plan and organized a cyber working group of IT and emergency management professionals from the three states as well as the cities of Boston and Providence, according to the magazine.
“The work group identified critical cyber-assets within the region using a scoring and filtering mechanism based on Homeland Security Directive 7,” Wehrenberg said. “Many were public-sector assets, some were private. We conducted capability assessments and risk assessments at each of these identified assets”, he added.
Based on the work group's effort, cyber-disruption teams are being set up that will include personnel from IT, emergency management, public safety and service providers to advise incident responders about restoring or maintaining critical infrastructure in the region, he noted.
Last month, the three states held a regional cybersecurity exercise based on a scenario in which key governmental computer systems were disabled by solar flares. In addition, the New England Regional Catastrophic Preparedness Initiative sponsored a tabletop exercise in Boston in which the states and city had to cope with a coordinated improvised explosive and cyber attacks.