Insight by Blackberry
Agencies prepare to be resilient through ‘multidimensional’ risks and threats
From cyber attacks to natural disasters, agency continuity planning has become more “multidimensional” than ever before.
Federal agencies have long been required to plan for maintaining their essential operations through the inevitable emergency or disaster under “continuity planning” directives that date back to the beginnings of the Cold War.
In recent years, however, lead agencies have updated continuity directives to account for an evolving range of risks, from cyber threats to natural disasters.
The Federal Emergency Management Agency, for instance, provides continuity guidance to agencies. In a 2023 update to the “Federal Continuity Directive,” FEMA described the evolving nature of planning for disasters and other risks.
“The threats and hazards we face are real and continue to evolve,” the directive states. “They can adversely hinder the ability of government, and the private sector, to provide the nation with essential functions and services. By maintaining effective continuity capabilities, the federal executive branch continues to advance the goal of a more resilient nation.”
Meanwhile, the Cybersecurity and Infrastructure Security Agency last year issued a draft update to the National Cyber Incident Response Plan. It outlines federal plans for coordinating the response to a major cyber incident across federal, state and local lines, as well as with the private sector.
Ramon Pinero, general manager of BlackBerry AtHoc, said operational continuity planning within government is evolving to keep up with the rapidly changing threat landscape.
“Government agencies are just increasingly recognizing that the emergency preparedness space is multidimensional,” Pinero said on Federal News Network. “That overall landscape of operational continuity has shifted beyond traditional disaster response to a more holistic and adaptive approach.”
‘Complex’ planning environment
Agencies like CISA have increasingly warned that U.S. critical infrastructure sectors need to focus on maintaining “resilience” to a range of threats. The agency emphasized the need for government, industry and society at large to have a plan for disruptions from cyber threats, natural hazards and other risks.
“When there is no stopping Mother Nature and until we strengthen our defense against malicious cyber infiltrators, expecting disruption and building resilience is a national imperative at all levels of society,” CISA’s former executive assistance director for infrastructure security wrote in a recent blog post. “Resilience is not optional.”
Pinero pointed to the heightened risk of natural disasters like wildfires, cyber attacks on critical systems, and unforeseen events that impact critical infrastructure, such as the Francis Scott Key Bridge Collapse in Baltimore, Md., last year.
“All of that together makes it a far more complex environment in which to plan for and requires tools and the planning and the collaboration for kind of an interconnected response,” Pinero said.
He said agencies also want to maintain a “real time understanding” of threats to support emergency response and contingency planning.
“You have these tent poles, if you will, around technology, around interoperable communication and interoperability overall, using APIs to connect systems together,” Pinero said. “You have secure and scalable communication networks, and then you have cutting edge technologies to bring them on all together and to provide ongoing monitoring to reduce your time to knowing that something’s wrong, thereby reducing your mean time to recovery or even avoiding that catastrophe in the first place.”
Read more from the Secure Collaboration series on how agencies are looking to secure their mobile data using encryption and other techniques here.
Copyright
© 2025 Federal News Network. All rights reserved. This website is not intended for users located within the European Economic Area.
