States Jittery Over Cyberattack Response

Cyberattacks Rank No. 2 as Stress on Response Capabilities
States Jittery Over Cyberattack Response

States worry as much about responding to the hazards presented by cybersecurity attacks as they do hurricanes.

See Also: Deception-Based Threat Detection: Shifting Power to the Defenders

That's a key finding of a just-released report by the Federal Emergency Management Agency.

Ten percent of the 56 states and territories surveyed by FEMA in its State Preparedness Report (SPR) last year cited cyberattacks as the threat or hazard that would most stress their existing response capabilities, the same percentage as hurricanes. Topping the list was earthquakes, cited by 18 percent, of the states and territories (see chart below).

The report finds the nation, for the most part, is better prepared to address hazards since the Sept. 11, 2001, terrorist attacks and Hurricane Katrina in 2005. And, the report cites initiatives aimed at battling cyberthreats and cybercrimes - for instance, the Secret Service has successfully dismantled some of the largest known cybercriminal organizations by working through the agency's established network of 31 Electronic Crimes Task Forces.

Still, the report says, cyber capabilities lag at the state level. Results from a survey of states and territories suggest that cybersecurity was the single core capability where states had made the least amount of overall progress, with an average capability level of 42 percent. In addition, the Department of Homeland Security's 2011 Nationwide Cybersecurity Review highlighted gaps in cyber-related preparedness among 162 state and local entities.

The report cites this example: Though 81 percent of respondents had adopted cybersecurity control frameworks and/or methodologies, 45 percent stated they had not implemented a formal risk management program. About two-thirds of respondents had not updated information security or disaster recovery plans in at least two years (see chart below).

What these findings show is how important secure IT is to the well-being of our economy and society. Just as state leaders recognize how damage from earthquakes and hurricanes tax resources needed to respond to these natural resources, the same is now true with cyber.

Threats, Hazards Causing Most Stress on Capabilities Source: FEMA

About the Author

Eric Chabrow

Eric Chabrow

Retired Executive Editor, GovInfoSecurity

Chabrow, who retired at the end of 2017, hosted and produced the semi-weekly podcast ISMG Security Report and oversaw ISMG's GovInfoSecurity and InfoRiskToday. He's a veteran multimedia journalist who has covered information technology, government and business.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.