Evaluating the readiness of cyber first responders responsible for critical infrastructure protection

First responders go through rigorous training and evaluation to ensure that they are adequately prepared for emergencies. For example, fire departments continually evaluate the readiness of their firefighting personnel using a defined set of criteria that measures their performance in fire suppression and rescue procedures. However, in the cyber security domain, similar evaluation criteria and rigor are severely lacking for professionals who help detect, respond to and recover from cyber-based attacks against critical infrastructure assets. To address the gap, this paper provides a framework for evaluating the readiness of cyber first responders responsible for critical infrastructure protection. The evaluation criteria are conceptually based on the NFPA 1410 standards that are used to assess the readiness of firefighter first responders. The utility of the framework is illustrated using a military cyber training exercise that evaluated the readiness of professionals who respond to real-world cyber attack scenarios.