FEMA recently released a draft for the National Incident Management System (NIMS) Information and Communications Technology (ICT) guidance, providing a framework for incorporating ICT into the Incident Command System (ICS). The draft guidance in many ways formalizes many of the functional changes ICS practitioners have been incorporating for quite a while.
Essentially, the guidance creates an ICT branch within the Logistics Section. That branch can include the traditional Communications Unit as well as an Information Technology (IT) Service Unit. They also make allowances for a Cybersecurity Unit to be included the branch – not as an operational element for a cyber incident, but largely in a network security capacity. The creation of an ICT branch is also recommended for emergency operations centers (EOCs), regardless of the organizational model followed.
The IT Service Unit includes staffing for a leader, support specialists, and a help desk function, while the Cybersecurity Unit includes staffing for a leader, a cybersecurity planner, a cybersecurity coordinator, and a cyber support specialist. The position descriptions and associated task books are already identified pending final approvals and publication of this guidance, with the Cybersecurity and Infrastructure Security Agency (CISA) seemingly ready to support training needs for many of the new positions.
I’m fully in support of this change. FEMA is accepting feedback through October 20, 2022, with instructions available on the website provided previous.
Not being a communications or IT specialist myself, I’m interested in the perspectives of others on this.
© 2022 Tim Riecker, CEDP