Government Technology

DHS Releases Cyber Storm Report



September 16, 2006 By

The U.S. Department of Homeland Security (DHS) has released its report on the national cyber exercise Cyber Storm held February 6--10, 2006. The report details key findings from the exercise which was the largest and most complex multi-national, government-led cyber exercise to examine response, coordination, and recovery mechanisms to a simulated cyber event within international, federal, state, and local governments and in conjunction with the private sector.

Over 100 public and private agencies, associations, and corporations participated in the exercise from over 60 locations and 5 countries.

"Exercises like Cyber Storm are essential to our continued efforts to secure cyberspace and America's cyber assets," said George W. Foresman, DHS Under Secretary for Preparedness. "We are committed to working with our public, private, and international partners to turn the lessons learned from Cyber Storm into solutions for enhancing our nation's cyber preparedness and response capabilities."

The Cyber Storm Public Exercise Report produced eight major findings:

* Interagency Coordination: Interagency and cross-sector information sharing enhanced overall coordination, communication and response.

* Contingency Planning, Risk Assessment and Roles and Responsibilities: Clearly defined processes and procedures increased overall ability to plan for and assess situations.

* Correlation of Multiple Incidents between Public and Private Sectors: The cyber community was effective in addressing individual threats and attacks, but faced challenges in cross-sector situational awareness during a coordinated cyber attack campaign.

* Exercise Program: Ongoing exercises will strengthen awareness of cyber incident response, roles, policies, and procedures.

* Coordination between Entities of Cyber Incidents: Establishing expectations, roles, processes and communications in advance will dramatically improve coordination and response.

* Common Framework for Response to Information Access: Early and ongoing information sharing across governments and sectors created a common framework for response and strengthened relationships between domestic and international response partners.

* Strategic Communications and Public Relations: Public messaging is an important aspect of incident response and empowers individuals and industry to take appropriate action to protect themselves and the nation's critical infrastructure.

* Improvement of Process, Tools and Technology: Improved processes, tools and technology focused on the physical, economic and national security affects of a cyber incident will benefit the quality, speed and coordination of a response.

DHS and the National Cyber Security Division (NCSD) are already working with their public and private partners to address these findings and apply the lessons learned.

Cyber Storm emphasized the Administration's commitment to cyber security and preparedness. More than 110 public, private, and international agencies, organizations, and companies were involved in the planning and implementation of Cyber Storm. The exercise simulated a sophisticated cyber attack campaign through a series of scenarios directed against critical infrastructure. Each of the scenarios was developed with the assistance of industry experts and was executed in a closed and secure environment.

NCSD, a part of the department's Preparedness Directorate, provides the federal government with a centralized cyber security coordination and preparedness function. NCSD is the focal point for the federal government's interaction with state and local governments, the private sector, and the international community concerning cyberspace vulnerability reduction efforts.


| More

Comments

Add Your Comment

You are solely responsible for the content of your comments. We reserve the right to remove comments that are considered profane, vulgar, obscene, factually inaccurate, off-topic, or considered a personal attack.

In Our Library

White Papers | Exclusives Reports | Webinar Archives | Best Practices and Case Studies
Maintain Your IT Budget with Consistent Compliance Practices
Between the demands of meeting federal IT compliance mandates, increasing cybersecurity threats, and ever-shrinking budgets, it’s not uncommon for routine maintenance tasks to slip among state and local government IT departments. If it’s been months, or even only days, since you have maintained your systems, your agency may not be prepared for a compliance audit—and that could have severe financial consequences. Regardless of your mission, consistent systems keep your data secure, your age
Best Practice Guide for Cloud and As-A-Service Procurements
While technology service options for government continue to evolve, procurement processes and policies have remained firmly rooted in practices that are no longer effective. This guide, built upon the collaborative work of state and local government and industry executives, outlines and explains the changes needed for more flexible and agile procurement processes.
Fresh Ideas In Online Security for Public Safety Organizations
Lesley Carhart, Senior Information Security Specialist at Motorola Solutions, knows that online and computer security are more challenging than ever. Personal smartphones, removable devices like USB storage drives, and social media have a significant impact on security. In “Fresh Ideas in Online Security for Public Safely Organizations,” Lesley provides recommendations to improve your online security against threats from social networks, removable devices, weak passwords and digital photos.
View All

Featured Papers