NORMALIZING CYBERSECURITY: IMPROVING CYBER INCIDENT RESPONSE WITH THE INCIDENT COMMAND SYSTEM
Download
Author
Hanson, Darin T.
Date
2021-03Advisor
Woodbury, Glen L.
Fernandez, Lauren S.
Metadata
Show full item recordAbstract
In 2018, the Colorado Department of Transportation was hit with a ransomware attack that resulted in the first-ever state emergency declaration for a cyber attack. Cyber attacks against the nation and its infrastructure are expected to increase, yet no extensive research exists on the United States' designated response framework for them. This thesis investigated the application of the Incident Command System (ICS) in significant cyber incidents and how the system may be improved for these events. A mixed method study consisting of case studies, senior leader interviews, and a quantitative survey was used to evaluate ICS specific to the framework’s eight core concepts. The research includes findings on variables that impact the effectiveness of response frameworks in cyber events. Recommendations are made to improve cyber response.