Cyberattacks are malicious attempts to steal or compromise information or computer systems. The San Diego Office of Emergency Services works to support preparedness for potential incidents with residents, and public, private, and non-profit organizations in the region.
As all levels of government now rely on cyber networks and assets to provide national security, public safety, and economic prosperity, their operations depend on information systems that are maintained, protected, and secured from exploitation and attack. The San Diego Office of Emergency Services works to support preparedness for the Department of IT and potential incidents the region may experience.
The Emergency Operations Center and Cybersecurity
In today's digital age, cybersecurity has become an essential aspect of emergency operations, and Emergency Operations Centers (EOCs) play a critical role in maintaining the cybersecurity of an organization during an emergency or disaster. The role of cybersecurity in EOCs includes the following:
- Protecting sensitive information: EOCs often handle sensitive information, such as personal data, financial information, and emergency response plans. Protecting this information is critical to ensure that it does not fall into the wrong hands. Cybersecurity measures, such as encryption, access controls, and secure communications, can help protect sensitive information.
- Maintaining business continuity: Cybersecurity threats, such as malware and cyber attacks, can disrupt operations and cause significant financial and reputational damage. EOCs can help maintain business continuity by ensuring that critical systems and data are protected against cybersecurity threats.
- Monitoring and responding to cyber threats: EOCs are responsible for monitoring the organization's network and systems for cybersecurity threats. They can use advanced tools and techniques to detect and respond to cyber threats quickly and effectively.
- Developing and implementing cybersecurity policies and procedures: EOCs can help develop and implement cybersecurity policies and procedures that ensure the security of the organization's systems and data. These policies and procedures should cover topics such as access controls, data backups, incident response, and security awareness training.
- Collaborating with external stakeholders: EOCs should work closely with external stakeholders, such as law enforcement, government agencies, and private sector partners, to share threat intelligence and coordinate responses to cybersecurity incidents.
In summary, cybersecurity plays a critical role in EOCs by protecting sensitive information, maintaining business continuity, monitoring and responding to cyber threats, developing and implementing cybersecurity policies and procedures, and collaborating with external stakeholders. A robust cybersecurity program is essential to ensure the resilience of an organization during emergencies and disasters.
Actions residents can take to protect themselves from cyber threats:
- Use strong passwords and two-factor authentication.
- Watch for suspicious activity.
- Check your e-mail, financial, and social account statements regularly.
- Ensure your home network is secure, and use secure internet connections when connecting to services outside of your home.
- Keep software up to date and use antivirus solutions to block threats.
- Use encryption for your files and when sending personal information through email or other means of digital communication.
- Regularly back up your files.
- Limit the amount of personal information you share online.
- Immediately contact banks, credit card companies, and other financial institutions to report breaches.
General Incident Reporting Guidance
Cybersecurity reporting laws and requirements are constantly changing; this is meant to be a guide for incident reporting, and legal advice should be sought for incident response.
- Local Government Response
  - Agency cyber incidents that have large cascading effects that result in imminent danger to life or property (e.g. chemical releases, damage to critical infrastructure) should be reported to local authorities by calling 9-1-1.
- State of California
  - Any breach that involves personal information must be reported to the affected California residents. Data breaches that affect 500 or more Californians must also be reported to the California Attorney General: https://oag.ca.gov/ecrime/databreach/reporting.
- Department of Justice – FBI Internet Crime Complaint Center (IC3)
  - Cybercrime, including computer intrusions or attacks, password trafficking, fraud, violation of federal statutes, intellectual property theft, identity theft, theft of trade secrets, child pornography, criminal hacking, terrorist activity, espionage, sabotage, or other foreign intelligence activity: https://www.ic3.gov/complaint.
- Department of Homeland Security: National U.S. Computer Emergency Readiness Team (US-CERT)
  - Suspected or confirmed cyber incidents that may impact critical infrastructure and require technical response and mitigation assistance: https://www.cisa.gov/uscert.