State government must now view cyber attacks that are more than cyber incidents. We must prepare for larger magnitude events. These can be termed cyber disruptions, disasters or even catastrophes. This publication includes the following:
- A call to action for states to develop state cyber disruption response plans that include: a governance structure that clearly designates who is in charge in a given event or phase of an event; development of a risk profile for state assets; collaboration among the various agencies that have cyber responsibility; and a communication plan to ensure the right people have the right information as early as possible so they can response effectively.
- A checklist for states to work with in developing progress toward a cyber disruption response operating discipline.
- A cross functional process description that can be used as a starting point for states to develop their own unique cross functional process for orchestrated planning and response at various threat levels.