Cybersecurity

FEMA Releases Planning Considerations for Cyber Incidents: Guidance for Emergency Managers

FEMA is releasing “Planning Considerations for Cyber Incidents: Guidance for Emergency Managers.” Developed in coordination with the Cybersecurity and Infrastructure Security Agency (CISA), this document provides state, local, tribal and territorial emergency managers with foundational knowledge of cyber incidents to increase cyber preparedness efforts in their jurisdictions.

Key aspects of cyber incident preparedness included in the document are:

  • Understanding the types of cyber incidents likely to occur;
  • Engaging service owners and operators;
  • Identifying cyber dependent critical services and related dependencies;
  • Prioritizing and planning for service and system disruptions;
  • Identifying roles and responsibilities;
  • Providing integrated communication and public messaging; and
  • Developing a cyber incident response plan.

FEMA, in cooperation with CISA, will host several 60-minute webinars to provide an overview of the guide and supporting materials.

To download guide and supporting materials, and learn more about the webinar sessions, please visit the FEMA website at https://www.fema.gov/emergency-managers/national-preparedness/plan.


National Institute of Standards and Technology (NIST)

NIST develops cybersecurity standards, guidelines, best practices, and other resources to meet the needs of U.S. industry, federal agencies and the broader public. Our activities range from producing specific information that organizations can put into practice immediately to longer-term research that anticipates advances in technologies and future challenges.

Some NIST cybersecurity assignments are defined by federal statutes, executive orders and policies. For example, the Office of Management and Budget (OMB) mandates that all federal agencies implement NIST’s cybersecurity standards and guidance for non-national security systems. Our cybersecurity activities also are driven by the needs of U.S. industry and the broader public. We engage vigorously with stakeholders to set priorities and ensure that our resources address the key issues that they face. 

NIST also advances understanding and improves the management of privacy risks, some of which relate directly to cybersecurity.

Priority areas to which NIST contributes – and plans to focus more on – include cryptography, education and workforce, emerging technologies, risk management, identity and access management, measurements, privacy, trustworthy networks and trustworthy platforms.

Additional details can be found in these brief and more detailed fact sheets.


Cybersecurity & Infrastructure Security Agency (CISA)

America’s Cyber Defense Agency

CISA Resources & Tools


Protected Critical Infrastructure Information (PCII) Program

Congress created the Protected Critical Infrastructure Information (PCII) Program under the Critical Infrastructure Information Act of 2002 (CII Act) to protect information voluntarily shared with the government on the security of private and state/local government critical infrastructure.


 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Download Cyberattack Info Sheet

 

 

 

 

 

 

 

 

 

 

 

 


School Safety

In today’s environment, K-12 schools and school systems face an evolving and dynamic set of security risks and threats, ranging from acts of targeted violence to bomb threats to natural disasters. Schools also have unique needs, considerations, and challenges when it comes to safety and security. These factors can impact a school’s ability to carry out its educational obligations and provide a safe, secure, and supportive learning environment for students.  


Cyber Guidance for Small Businesses

Small businesses often do not have the resources to defend against devastating cyber threats like ransomware. As a small business owner, you have likely come across security advice that is out of date or that does not help prevent the most common compromises. For example, odds are that you have heard advice to never shop online using a coffee shop’s wi-fi connection. While there was some truth to this fear a decade ago, that’s not how people and organizations are compromised today. The security landscape has changed, and our advice needs to evolve with it. 

Learn more.


 

 

 

 

 

 

 

 

 

 

Mitigation Matters!  

Have questions? Contact us at help@kymitigation.org.

KAMM mailing address: KAMM, PO Box 1016, Frankfort, KY 40602-1016

Don’t forget to join the KAMM group on LinkedIn and Facebook.

KAMM is a non-profit 501 (c) (3).