Wireless Emergency Alerts (WEA) Cybersecurity Risk Management Strategy for Alert Originators

Citation
Software Engineering Institute, Wireless Emergency Alerts (WEA) Cybersecurity Risk Management Strategy for Alert Originators (Mar. 2014) (full-text).

Overview
The WEA service depends on computer systems and networks to convey potentially life-saving information to the public in a timely manner. However, like other cyber-enabled services, it is susceptible to risks that may enable attackers to disseminate unauthorized alerts or to delay, modify, or destroy valid alerts. Successful attacks may result in property destruction, financial loss, injury, or death and may damage WEA credibility to the extent that users ignore future alerts or disable alerting. The report describes a four-stage cybersecurity risk management (CSRM) strategy that alert originators can use throughout WEA adoption, operations, and sustainment, as well as a set of governance activities for developing a plan to execute the CSRM.