CIRMA quick guide: creating a Cyber Disruption Response Plan (CDRP)

Image: <!-- wp:paragraph --> <p>Strengthening municipal and school district preparation to help effectively respond to a significant cyber incident is critical to achieving overall resiliency. The Connecticut CDRP model was developed to provide a framework to do just this. The model identifies and responds to technological threats and recommends corresponding responses to address threats of increasing scope and severity. These cyber disruption threats range from minor malware incidents, specific attacks on targeted municipal and school district networks and services, to severe attacks capable of catastrophic impact to services and facilities of single or multiple sectors providing critical support to citizens, government, public and private entities.</p> <!-- /wp:paragraph --> <!-- wp:image --> <figure class="wp-block-image"><img src="https://lh4.googleusercontent.com/7KpoRBu3M72i3O2ZHmx6Xnf-0F2sKu1zMVY9v7fSDa22b62SVgAn17Mi3rv5a0dLmCay8v6nXI-Te3ceoIBdbhFH-yRMbcyBdSYY51oVOJ_620nKCb_BAL8FqEccMlOG6vmZ7Jy9" alt="A screenshot of a cell phone Description automatically generated" /></figure> <!-- /wp:image --> <!-- wp:paragraph --> <p>The CDRP model is incorporated as an annex to the State Response Framework, and is a roadmap for state, local, and private sector entities on how and when to report a cyber incident, as well as an outline of emergency response actions to be taken depending on the severity of the disruption and its potential impact on the state and its communities. The CDRP is a companion document to the Cyber Incident Response Plan, which outlines specific technical response actions.<br> <br>The Quick Reference Guide consists of two charts found within the CDRP, and is intended to provide readily-available guidance in a fast-moving incident. The Communications Flow Matrix (above) outlines the flow of information in situations that are likely to affect public health, safety, or confidence. It is recommended that you add contact information for the key partners to whom you would report a cyber incident, including the CT Intelligence Center, which can be reached at <a href="mailto:[email protected]">[email protected]</a>. The Cyber Security Threat Level Matrix is a summary of the five distinct cyber threat levels, and provides general guidance regarding the communication and anticipated response activities for each of the levels. The CDRP also provides more detailed response actions for each threat level. The following links provide access the <a href="https://gallery.mailchimp.com/66658e65d29a7fe9d6027bdd6/files/0214f2d1-95a4-4b98-aacb-384c0ee8a9e3/Cyber_Disruption_Response_Plan_Signed_Oct_2018.pdf">Cyber Disruption Response Plan</a> and the <a href="https://gallery.mailchimp.com/66658e65d29a7fe9d6027bdd6/files/5fb7c14a-85ec-4d58-94a0-fac73a7004af/Cyber_Quick_Reference_Charts_Jan_2019.pdf">Cyber Response Quick Response Quick Reference Chart</a>.</p> <!-- /wp:paragraph --> <!-- wp:paragraph --> <p>The recent pandemic crisis has created an unprecedented environment where our members need us now, more than ever. CIRMA is working diligently to protect our members, our staff and our communities. We’re dedicated to the well-being of our workforce and business continuity—and we’re committed to helping our members do the same. If you have any questions or need help, please reach out to your CIRMA representative.<br></p> <!-- /wp:paragraph -->

Strengthening municipal and school district preparation to help effectively respond to a significant cyber incident is critical to achieving overall resiliency. The Connecticut CDRP model was developed to provide a framework to do just this. The model identifies and responds to technological threats and recommends corresponding responses to address threats of increasing scope and severity. These cyber disruption threats range from minor malware incidents, specific attacks on targeted municipal and school district networks and services, to severe attacks capable of catastrophic impact to services and facilities of single or multiple sectors providing critical support to citizens, government, public and private entities.

A screenshot of a cell phone  Description automatically generated

The CDRP model is incorporated as an annex to the State Response Framework, and is a roadmap for state, local, and private sector entities on how and when to report a cyber incident, as well as an outline of emergency response actions to be taken depending on the severity of the disruption and its potential impact on the state and its communities. The CDRP is a companion document to the Cyber Incident Response Plan, which outlines specific technical response actions.
 
The Quick Reference Guide consists of two charts found within the CDRP, and is intended to provide readily-available guidance in a fast-moving incident. The Communications Flow Matrix (above) outlines the flow of information in situations that are likely to affect public health, safety, or confidence. It is recommended that you add contact information for the key partners to whom you would report a cyber incident, including the CT Intelligence Center, which can be reached at [email protected]. The Cyber Security Threat Level Matrix is a summary of the five distinct cyber threat levels, and provides general guidance regarding the communication and anticipated response activities for each of the levels. The CDRP also provides more detailed response actions for each threat level. The following links provide access the Cyber Disruption Response Plan and the Cyber Response Quick Response Quick Reference Chart.

The recent pandemic crisis has created an unprecedented environment where our members need us now, more than ever. CIRMA is working diligently to protect our members, our staff and our communities. We’re dedicated to the well-being of our workforce and business continuity—and we’re committed to helping our members do the same. If you have any questions or need help, please reach out to your CIRMA representative.