In August 2015, I had the good fortune to present at the New York State Emergency Management Certification and Training (EMC&T) Academy in Albany, NY. The EMC&T is a unique program New York State runs to provide training, insights into state operations and professional development to state and local emergency management officials. The areas covered ranged from continuity of operations and social media to emergency operations center procedures, terrorism and natural hazard threats. I presented (along with colleagues from several state agencies) information on cyber threats and their implications for emergency managers and management. Our panel could not have asked for a better reception. There were good – and pointed – questions, a robust discussion and a lot of thoughtful feedback.
That the organizers of the EMC&T included cyber security (and had in their previous iteration) is actually reflective of the thoughtful and wide ranging approach to emergency management that New York State is taking. It is no longer possible to engage meaningfully in emergency management or disaster response without thinking of cyber risks and information technology. From wastewater facilities to transportation infrastructure, we have already seen small and localized disasters because of cyber attacks that result in real physical damage. Recent alleged attacks of a more sophisticated and dangerous variety—such as the steel manufacturing facility in Germany and the electrical infrastructure in the Ukraine—demonstrate the threat more concretely. In fact, we’ve recently seen suggestions that such an intrusion, although details are unclear, may have happened to a piece of locally run infrastructure in New York State. When you add in the myriad lower level cyber threats and distractions that can disrupt response or otherwise cause chaos, ignoring cyber threats is something emergency managers can only do at their own peril.
Some of the best scholarship on disasters and emergency management has come out of social science including the fields of sociology, psychology, public administration, organizational behavior, urban studies and geography. This is because the social—individual, organizational and institutional behavior—is laced throughout each disaster and disaster response. Increasingly it is clear information technology too is destined to be laced throughout every disaster and response. Luckily, those engaged in disaster response are both increasingly recognizing that and moving forward accordingly.
Read the full piece at the ASPA website.