Determining the risk of cyber incidents and the appropriate response is difficult to do for any organization. The Department of Homeland Security through the National Cybersecurity and Communications Integration Center (NCCIC) has the job of managing this for the entire nation. This vast undertaking not only needs to assess the risk but also accommodate a diverse set of private critical structure owners and government agencies. They have developed a weighed scoring system called the NCISS Scoring System which considers 8 categories.
- Each category has a weight, and the response to each category has an associated score. The categories are:
- Functional Impact,
- Observed Activity,
- Location of Observed Activity,
- Actor Characterization,
- Information Impact,
- Recoverability,
- Cross-Sector Dependency, and
- Potential Impact.
This is not intended as an absolute scoring method as different stakeholders will find different categories more important than others. The priority level of a national cyber incident is determined after the scoring is complete. This scoring is aligned with NCCIC, DHS and CISS so these organizations speak the same language in dealing with risk and resource priority.
The mixture of discrete and analytical assessments, this scoring system attempts to minimize individual biases. This system is very important as it will determine the prioritization of limited resources and the level of support each incident should receive. This system does not currently account for multiple simultaneous compromises, but this can be addressed with human intervention. The need for national cybersecurity to protect the critical infrastructure of the country is of paramount importance and this scoring system is a step in managing overall response.
LIFARS Team can assist your organization in determining the risk of cyber incidents and the appropriate response, contact us for further information.
