Report Released About Telecommunication Incident Response Coordination

Together with DPS, CTG facilitated a workshop among members of the regional telecommunications community to discuss the stewardship of our critical infrastructure in an increasingly interconnected world.

"Events such as the World Trade Center attacks and Hurricane Katrina have generated new discussions among stakeholders about the coordination necessary to ensure continuity of operation of our critical infrastructure," said Theresa Pardo, deputy director of CTG. "Neither the public nor the private sector can claim sole stewardship of the critical infrastructure, and these interdependencies require new kinds of coordination in a variety of areas, particularly in response to incidents that threaten the stability of this infrastructure."

CTG brought together representatives of telecommunications providers, state emergency management agencies, federal communications agencies, state regulatory authorities, state departments of homeland security, state cybersecurity, and the financial sector on March 28, 2007 for the one-day workshop.  The workshop participants engaged in discussions about the value proposition of coordinated response capability, explored varying perspectives on the current state of affairs, brainstormed strategies for increasing regional response capability, and concluded the session by producing a set of recommendations for next steps in exploring regional coordination.

A key aspect of the discussion was concern about duplication of effort, in particular, participants stressed that regional coordination efforts should not duplicate capabilities in either the public or private sectors. They further noted however, that currently held knowledge is not sufficient to determine where duplication might be an issue.  Participants at the workshop agreed that regional incident response requires leveraging currently held resources in innovative and potentially more efficient ways, as well as the establishment of new business processes, communication flows, and a system of governance to balance the needs of all stakeholders. In addition, trust, collaboration, and timely cross-boundary sharing are all seen as central to a new model.

A priority recommendation from the workshop calls for efforts to close this gap in current knowledge about the roles and responsibilities of individual organizations in sub-national incidents and the development of new understanding of who has what information at any point in time that could be brought to bear on incident response.

Recommendations:

1)            Jointly establish guiding principles. Bring together key actors from

across the sectors to collaboratively establish guiding principles.

2)            Conduct current research practice regarding regional coordination of

infrastructure incident response. The research should specify focus on regional coordination of telecommunications incident response, as well as models for governance and information sharing agreements of existing regional response efforts.

3)            Increase knowledge about current information resources, practices,

and capabilities, and avoid duplicating response capabilities in either the public or private sectors.

4)            Invest in process improvements. Develop information flow models

through collaborative group model building sessions to allow for shared understanding. Analysis of these models will inform decision making concerning process improvements.

5)            Secure funding for continued exploration. A comprehensive study of

potential value of regional coordination would serve as an investment in capability in, for example, the northeast region, and as a model process for other regions.

Conclusions:

1. Knowledge gaps exist. Regardless of future investments in future