Cybersecurity, or the lack thereof, continues to weigh heavily on the minds of many state, local, tribal, and territorial (SLTT) governments. Rightly so, costly and disruptive cyber incidents involving ransomware, phishing scams, and other hacks are steadily rising. Take Dallas County, Texas, along with Nevada’s Clark County School District and the Kansas Court system, for example. They’re among the latest to fall victim to cyber thugs who continue to wreak havoc on critical systems and sensitive data nationwide.  

Recognizing this trend and knowing that emergency management personnel (though typically not technology experts) play a “central role” in preparing for and responding to cyber incidents in their jurisdictions, FEMA offers new, foundational guidance titled “Planning Considerations for Cyber Incidents: Guidance for Emergency Managers.” 

A recent FEMA newsletter explained that an interruption to one organization or system could have widespread impacts across a network. These can stem from natural hazards, human error, equipment failure, or malicious attacks. In the worst cases, lives are put at risk, and significant economic challenges can arise.  

Having a cybersecurity program in place to protect against disruptions and a cyber incident response plan in the (likely) event of a breach is essential for swift and effective resolutions to address potential threats.  

The new guide, which was developed in coordination with the Cybersecurity and Infrastructure Security Agency (CISA), is intended to help SLTT emergency management personnel collaboratively prepare for a cyber incident and support the development of a cyber incident response plan or annex. Its roadmap for developing such a plan is based upon the six-step planning process detailed in CPG 101: Developing and Maintaining Emergency Operations Plans.  

Key aspects of cyber incident preparedness outlined in the document include:  

– Understanding the types of cyber incidents likely to occur 

– Engaging service owners and operators 

– Identifying cyber-dependent critical services and related dependencies 

– Prioritizing and planning for service and system disruptions 

– Identifying roles and responsibilities 

– Providing integrated communication and public messaging 

– Developing a cyber incident response plan 

It is important to note that while the concepts of FEMA’s new guide are in context to the public sector/emergency management community, they may prove highly useful to others. This includes those in academia, nonprofits, or the private sector, especially if they serve on a jurisdiction’s planning team.  

Threats to your organization’s critical systems and sensitive data are real and, unfortunately, growing. At BOLDplanning, a division of Agility, we encourage you to assess your cybersecurity measures consistently and to make improvements when and where possible. If this involves continuity, emergency, or hazard mitigation planning, our experienced and well-credentialed team can assist.  

To download the guide and support