Loading…
Managing Response to Significant Cyber Incidents: Comparing Event Life Cycles and Incident Response Across Cyber and Non-Cyber Events
Cyber incident response has evolved based on systems and processes developed for other types of incident response, such as response to natural hazards. Large-scale cyber incidents that would have an impact on the United States' national and homeland security, economic security, and public safet...
Saved in:
| Published in: | Policy File 2022 |
|---|---|
| Main Authors: | , , , , |
| Format: | Report |
| Language: | English |
| Subjects: | |
| Online Access: | Request full text |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Summary: | Cyber incident response has evolved based on systems and processes developed for other types of incident response, such as response to natural hazards. Large-scale cyber incidents that would have an impact on the United States' national and homeland security, economic security, and public safety and welfare to date are rare. However, they may have additional complications that make them more complex to plan for, including challenges in distinguishing the early stages of a significant cyber incident from a more quotidian incident, and the diversity of stakeholders involved. In this report, RAND researchers compare and contrast incident response for cyber and other types of hazards, both human-caused and natural, to derive initial insights into their similarities and distinctions. The report suggests some ways to improve preparedness for cyber incident response and propose additional areas requiring further research. Recommendations include developing more rigorous and dynamic joint public-private exercises, conducting further analysis to identify how systems could fail through a cyber attack to inform early warning efforts, and developing decision mechanisms and shared understandings that will facilitate coordinated activation and execution of incident response plans. |
|---|