Plan for Cyber Attacks: The emergency management role in "almost" every disaster is one of consequence management. This type of thinking supports our "all-hazards" approach to events. BUT, for specific hazards it is appropriate that we pre-plan for the specifics of a particular hazard.
Cyber attack being one of those that is a bit different. Typically in the EOC of today you might have one IT professional focused on keeping the computers running and helping people get logged on, connected to the Wi-Fi, etc. For a cyber event if there are infrastructure failings due to an attack you will deal with the shortfall in services like any other outage. However, you do need a different level of IT staffing present in the EOC. Certainly it must include the departmental leadership for interfacing with the policy room. You will also need the IT security staff present and working with their counterparts across the spectrum of public and private enterprise. These people normally stay in their organizational silos, and you can get some synergy going and complementary efforts if you can get them in the same room together working on the same issue.
In order for this to happen in real life you will need to plan for it and practice it in an exercise.
Top
Cyber attack being one of those that is a bit different. Typically in the EOC of today you might have one IT professional focused on keeping the computers running and helping people get logged on, connected to the Wi-Fi, etc. For a cyber event if there are infrastructure failings due to an attack you will deal with the shortfall in services like any other outage. However, you do need a different level of IT staffing present in the EOC. Certainly it must include the departmental leadership for interfacing with the policy room. You will also need the IT security staff present and working with their counterparts across the spectrum of public and private enterprise. These people normally stay in their organizational silos, and you can get some synergy going and complementary efforts if you can get them in the same room together working on the same issue.
In order for this to happen in real life you will need to plan for it and practice it in an exercise.
