Normalizing Cybersecurity: Improving Cyber Incident Response with the Incident Command System

Abstract

In 2018, the Colorado Department of Transportation was hit with a ransomware attack that resulted in the first-ever state emergency declaration for a cyber attack. Cyber attacks against the nation and its infrastructure are expected to increase, yet no extensive research exists on the United States designated response framework for them. This thesis investigated the application of the Incident Command System (ICS) in significant cyber incidents and how the system may be improved for these events. A mixed-method study consisting of case studies, senior leader interviews, and a quantitative survey was used to evaluate ICS specific to the framework's eight core concepts. The research includes findings on variables that impact the effectiveness of response frameworks in cyber events. Recommendations are made to improve cyber response.

Document Details

Document Type: Technical Report
Publication Date: Mar 01, 2021
Accession Number: AD1150571

Entities

People

  • Darin T. Hanson

Organizations

  • Naval Postgraduate School

Tags

Communities of Interest

  • Cyber

DTIC Thesaurus Topics

  • Business Administration
  • Computer Network Security
  • Computer Networks
  • Cyberattacks
  • Cybersecurity
  • Cyberspace Operations
  • Data Analysis
  • Department Of Homeland Security
  • Disaster Management
  • Emergency Response
  • Information Systems
  • Intelligence Community (United States)
  • Management Personnel
  • National Security
  • Network Protocols
  • Organizational Structure
  • Personnel Management
  • Public Administration

Fields of Study

  • Computer science

Readers

  • Computational Modeling and Simulation
  • Cybersecurity
  • Emergency Management and Homeland Security

Technology Areas

  • Cyber