Cybersecurity Program Plan
With the advent of the federal State and Local Cybersecurity Grant Program that prioritizes development of state cybersecurity plans, the Office of Homeland Security is working with relevant stakeholders to establish a 2022 grant proposal focused on development of the Hawaii Cybersecurity Program Plan. It is envisioned that the Hawaii Cybersecurity Program Plan will address Governance, Preparation and Protection, and Workforce Development:
Building cybersecurity governance, which may include:
- Creating a cybersecurity governance structure, whether through executive order, legislation or ad-hoc formation, and selecting members of the body based on their ability to implement change;
- Developing a statewide cybersecurity strategy that emphasizes protecting the state’s IT networks, defending critical infrastructure, building the cybersecurity workforce, and enhancing private partnerships; and
- Conducting a risk assessment to identify cyber vulnerabilities, cyber threats, potential consequences of cyberattacks and resources available to mitigate such threats and consequences.
Preparing and protecting the state from cybersecurity events, which may include:
- Assessing and mitigating cybersecurity risks and cybersecurity threats relating to critical infrastructure;
- Exercising (and revising as needed) the state’s Cyber Disruption Response Plan that emphasize a whole-of-state approach and focused county-level engagements;
- Enhancing our framework for information sharing by facilitating interactions between state and county IT, homeland security, and emergency management officials and critical infrastructure owners/operators;
- Incorporating procedures for using the National Guard’s cyber capabilities into cyber response plans and working with the legislative branch to expand the circumstances under which the Guard can be activated, if necessary;
- Distributing funds, items, services, capabilities, or activities to county governments; and
- Developing a public communications plan for cyber events.
Growing the state’s cybersecurity workforce and their capabilities, which may include:
- Using the National Initiative for Cybersecurity Education (NICE) Workforce Framework for Cybersecurity to:
- identify and mitigate any gaps in the cybersecurity workforces,
- enhance recruitment and retention efforts for those workforces, and
- bolster the knowledge, skills, and abilities of State/Local government personnel;
- Reclassifying state job descriptions for cybersecurity positions to align with private sector practices;
- Leveraging the state’s National Security Agency-certified Centers of Academic Excellence at the University of Hawaii (Manoa and Maui);
- Placing veterans into cybersecurity certification programs or open positions within state agencies;
- Partnering with colleges to increase the availability of transferable, two-year cybersecurity degrees; and
- Creating a program to assign qualified college students to state agencies as low-cost, skilled cybersecurity interns.
Hawaii Cyber Disruption Response Plan
The Hawaii Cyber Disruption Response Plan (CDRP) describes the framework for state cyber disruption response and short-term recovery coordination among multiple state, local, and federal agencies and private entities with critical computer information or operational systems or cyber response assets or capabilities. It provides a framework, including the establishment of a Cyber Unified Coordination Group (C-UCG), for the coordination of rapid identification, information exchange, response, and short-term recovery and remediation to mitigate the damage caused by a significant cyber incident. In response to a significant cyber incident that includes the need to engage in consequence management activities for physical effects related to the incident, the State Government establishes two lead agencies under the UCG:
- OHS as lead for coordinating asset and threat response and intelligence support.
- HI-EMA as lead for coordinating response to any consequence management activities for physical effects.
The current CDRP can be found HERE and also contains attachments addressing:
- Checklist of Major Steps for Disruption Response and Handling
- Model Cyber Incident Response Plan
- Cyber Incident Severity Schema/National Response Coordination Center Activation Crosswalk
- Core Capabilities and Critical Tasks
- Guidance on Reporting a Cyber Disruption
- Threat Levels and Anticipated Response
- Communications Checklists