DHS Releases Cyber Storm Report

The U.S. Department of Homeland Security (DHS) has released its report on the national cyber exercise Cyber Storm held February 6--10, 2006. The report details key findings from the exercise which was the largest and most complex multi-national, government-led cyber exercise to examine response, coordination, and recovery mechanisms to a simulated cyber event within international, federal, state, and local governments and in conjunction with the private sector.

Over 100 public and private agencies, associations, and corporations participated in the exercise from over 60 locations and 5 countries.

"Exercises like Cyber Storm are essential to our continued efforts to secure cyberspace and America's cyber assets," said George W. Foresman, DHS Under Secretary for Preparedness. "We are committed to working with our public, private, and international partners to turn the lessons learned from Cyber Storm into solutions for enhancing our nation's cyber preparedness and response capabilities."

The Cyber Storm Public Exercise Report produced eight major findings:

* Interagency Coordination: Interagency and cross-sector information sharing enhanced overall coordination, communication and response.

* Contingency Planning, Risk Assessment and Roles and Responsibilities: Clearly defined processes and procedures increased overall ability to plan for and assess situations.

* Correlation of Multiple Incidents between Public and Private Sectors: The cyber community was effective in addressing individual threats and attacks, but faced challenges in cross-sector situational awareness during a coordinated cyber attack campaign.

* Exercise Program: Ongoing exercises will strengthen awareness of cyber incident response, roles, policies, and procedures.

* Coordination between Entities of Cyber Incidents: Establishing expectations, roles, processes and communications in advance will dramatically improve coordination and response.

* Common Framework for Response to Information Access: Early and ongoing information sharing across governments and sectors created a common framework for response and strengthened relationships between domestic and international response partners.

* Strategic Communications and Public Relations: Public messaging is an important aspect of incident response and empowers individuals and industry to take appropriate action to protect themselves and the nation's critical infrastructure.

* Improvement of Process, Tools and Technology: Improved processes, tools and technology focused on the physical, economic and national security affects of a cyber incident will benefit the quality, speed and coordination of a response.

DHS and the National Cyber Security Division (NCSD) are already working with their public and private partners to address these findings and apply the lessons learned.

Cyber Storm emphasized the Administration's commitment to cyber security and preparedness. More than 110 public, private, and international agencies, organizations, and companies were involved in the planning and implementation of Cyber Storm. The exercise simulated a sophisticated cyber attack campaign through a series of scenarios directed against critical infrastructure. Each of the scenarios was developed with the assistance of industry experts and was executed in a closed and secure environment.

NCSD, a part of the department's Preparedness Directorate, provides the federal government with a centralized cyber security coordination and preparedness function. NCSD is the focal point for the federal government's interaction with state and local governments, the private sector, and the international community concerning cyberspace vulnerability reduction efforts.