Feds unveil emergency response framework

Draft plan spells out federal, state and local priorities

Federal government response to a major cyber attack or outage would be split into two parts, depending on whether the incident affects primarily physical or virtual assets, according to the draft version of the National Response Framework released yesterday by the Homeland Security Department.

The framework is composed of an 84-page central document outlining federal, state and local roles in emergency response plus more than 20 annexes covering such topics as firefighting, search and rescue, public works, public health, logistical systems and cyber incidents.

For contractors, the framework can be a guide to the priorities and initiatives that federal, state and local agencies should be putting into place to improve their ability to respond to some form of national or regional incident, such as a natural disaster or a major cyberattack.

A cyber incident that significantly impacts the operation of the Internet and critical information technology systems would be handled by Homeland Security's Office of Cybersecurity and Communications, which oversees the National Cyber Security Division and the U.S. Computer Emergency Readiness Team.

The coordination of those federal units in responding to the attack or outage is described in an eight-page Cyber Incident Annex. Those events are defined as harming or threatening to harm mission-critical systems and jeopardizing public safety, health and confidence, or the economy or national security.

However, "a physical attack on cyber infrastructure" is to be handled differently, according to the framework. In such a case, the federal response is described in Emergency Support Function Annex No. 2 ? Communications. The National Communications System would be in charge of restoration and recovery of communications assets, with support from the national cybersecurity division.

The two annexes describe coordination of federal agencies, depending on the type of attack and severity of cyber and physical effects. The lead agency role will be determined based on the type of incident and its impact.

"Emergency Support Function No. 2 also addresses cybersecurity issues that result from or occur in conjunction with incidents. However, for incidents that are primarily cyber in nature, the Cyber Incident Annex is used and ESF No. 2 supports responses to cyber incidents as directed," states the emergency support annex.

The framework also describes private-sector roles in cybersecurity and outlines the ways in which military agencies may be involved. For example, military operational units are trained to defend the Defense Department's global information grid, the framework said.

About the Author

Alice Lipowicz is a staff writer covering government 2.0, homeland security and other IT policies for Federal Computer Week.

Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

What is your e-mail address?

My e-mail address is:

Do you have a password?

Forgot your password? Click here


  • POWER TRAINING: How to engage your customers

    Don't miss our Aug. 2 Washington Technology Power Training session on Mastering Stakeholder Engagement, where you'll learned the critical skills you need to more fully connect with your customers and win more business. Read More


    In our latest Project 38 Podcast, editor Nick Wakeman interviews Tom Romeo, the leader of Maximus Federal about how it has zoomed up the 2019 Top 100. Read More

contracts DB

Washington Technology Daily

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.