My WebLink
|
Help
|
About
|
Sign Out
Browse
Search
Res19 15781
RedwoodCity
>
City Clerk
>
Resolutions
>
City Council
>
2010-2019
>
2019
>
Res19 15781
Metadata
Thumbnails
Annotations
Entry Properties
Last modified
7/9/2019 12:37:06 PM
Creation date
7/9/2019 11:48:47 AM
Metadata
Fields
Template:
CC Index
CC Index - Document Type
Resolution
Meeting Type
Joint
Agency Type
City Council and Successor Agency and Public Financing Authority
Date
6/24/2019
Jump to thumbnail
< previous set
next set >
There are no annotations on this page.
Document management portal powered by Laserfiche WebLink 9 © 1998-2015
Laserfiche.
All rights reserved.
/
405
PDF
Print
Pages to print
Enter page numbers and/or page ranges separated by commas. For example, 1,3,5-12.
After downloading, print the document using a PDF reader (e.g. Adobe Reader).
Show annotations
View images
View plain text
Concept of Operations <br />For a small-scale cyber attack event with minimal impact to City operations, preparation and response <br />for activities will fall under the scope of the Redwood City Information Technology Department or other <br />staff normally responsible for managing technological resources. These responders will act <br />independently within their normal operating procedures to address any issues that may arise during <br />the course of the cyber attack event. <br />For a large-scale cyber attack with major, public impacts to city operations or infrastructure, the EOC <br />will be activated as appropriate, and the EOP will guide activities. In such instances, the EOC will provide <br />primary direction and control during the event. <br />If the scale of the impacts of a cyber attack event overwhelms the capacity of the City, or if there is a <br />mass cyber attack event that targets Redwood City and the surrounding communities simultaneously, <br />the City will then coordinate response efforts with adjacent cities and communities through the San <br />Mateo County Operational Area. <br />Tasks <br />Redwood City will be responsible for the overall direction and control of emergency response activities <br />within City limits or involving City infrastructure or computer systems. See the Concept of Operations <br />section in the Basic Plan for general information. <br />Step1: Identify the Threat <br />❑ It is necessary to assess the scale and nature of a cyber attack event so as to properly mobilize <br />an appropriate response. <br />❑ A Cyber attack event may be in progress if the City cannot access its systems, water and <br />transportation equipment is malfunctioning, or city employees cannot use or access digital <br />resources or databases. <br />Step 2: Isolate and Address the Cyber Attack <br />❑ Restrict physical access to the areas with the affected systems to necessary personnel only so <br />as to preserve fingerprints for later identification of potential event perpetrators (assuming <br />attack is physically delivered to a system or computer). <br />❑ Determine if affected computers or networks need to be turned off or deactivated. <br />❑ Photograph the conditions of the affected computers or equipment. <br />Quarantine affected computers or equipment by disconnecting them from networks and avoid <br />accessing files from them as they could potentially spread viruses and amplify the cyber attack <br />event's impact. <br />Step 3: Mobilization of Resources and Public Response <br />❑ Secure any assets that may subject to physical tampering. Assailants may use lapses in <br />automated security to enter restricted or off-limits areas around pieces of critical infrastructure <br />such as pumping stations or wastewater treatment facilities. Dispatch law enforcement as may <br />be appropriate to secure these areas. <br />
The URL can be used to link to this page
Your browser does not support the video tag.