Examining the national cyber incident response plan and the roles of first responders.

摘要

The U.S' current management of incident response includes the involvement of various individual agencies. Though the nation's experiences in emergency incidents have primarily been those with physical consequences, over the past decade it has been an accepted reality that growing technology and cyber threats will require a heavy analysis and refinement in the current incident response policies and frameworks. Using the existing incident management guidelines and standards including NIMS, NRF and NCIRP, research has shown that the roles of responders are certainly well-outlined. As; however, as new cyber vulnerabilities surface, it is essential to progressively adapt to evolving technology by assuming all national threats will have both physical and virtual consequences. In order to effectively prepare for, respond to, and recover from any emergency incident, it is crucial to meld the strengths and expertise of both physical responders and information technology professionals. The purpose of this research was to focus on current frameworks and first responders to determine whether those frameworks are acceptable for all types of events. It is clear that the U.S has recognized the increasing need to strengthen the nation's cybersecurity and by doing so has encouraged additional response techniques to adapt to rising cyber threats. It is however, unclear as to whether the U.S' approach to address emergency events is taking full advantage of each responder's strengths and expertise. What might be considered to be an acceptable emergency response management system, could actually be less effective due do each framework being slightly disconnected from each other. In order to bridge the gap between NIMS, NRF, and NCIRP, it is essential to understand events that require all levels of response and prepare responders to work as a whole. Keywords: Cybersecurity, Christopher Riddell, NCIRP, Incident Response, First Responders.