Emergency Response after Harvey
By Seth Jaffe.
In the wake of Harvey here in Houston, I took a few minutes to pull up FEMA’s Emergency Management Guide to see how it compares with #incidentresponse. Originally penned in 1993, the Guide offers a number of lessons for the average cyber incident response plan. For example, it begins with review of internal plans and policies and suggests meeting with outside groups such as law enforcement. Next step is to collate applicable codes and regulations and then identify critical operations and systems. Do an insurance review, list potential emergencies, and estimate their probability and the subsequent impact. At this point, you’re ready to develop the plan.
The Guide is well worth a read if you are involved in incident response. It talks about training, governance, team organization, and routine updating of the plan. One of my favorite sections is on emergency response procedures, where the Guide recommends specific procedures for different situations. In my view, this is exactly how a good cyber incident response program should work, breaking the plan into procedures that can be executed situationally.
FEMA, the American Red Cross, Baker-Ripley, and all of the emergency response entities have their work cut out for them in the coming weeks. Pitch in where you can, and hopefully, we can learn a thing or two in the process.