[ISN] DHS to mount major IT security exercise

InfoSec News isn at c4i.org
Thu Jul 21 03:31:55 EDT 2005


http://www.gcn.com/vol1_no1/daily-updates/36434-1.html

By Wilson P. Dizard III 
GCN Staff
07/20/05 

The Homeland Security Department plans to conduct a major 
cybersecurity preparedness and response exercise to be called Cyber 
Storm in November, a department official said in congressional 
testimony yesterday. 

Andy Purdy, acting director of DHS' National Cyber Security Division 
(NCSD), described Cyber Storm as "a national exercise" during a 
hearing that focused largely on the work yet to be done in the 
cybersecurity field. 

He spoke during a hearing of the Senate Homeland Security and 
Governmental Affairs Subcommittee on Federal Financial Management, 
Government Information and International Security. 

According to written testimony Purdy presented, the division has 
worked with the Justice and Defense departments to help form the 
National Cyber Response Coordination Group (NCRCG). 

"The NCRCG has developed a concept of operations for national 
cyberincident response that will be examined in the National Cyber 
Exercise, Cyber Storm, to be conducted by NCSD in November 2005 with 
public and private-sector stakeholders." 

Subcommittee Chairman Tom Coburn (R-Okla.) cited Government 
Accountability Office criticism of the department’s cybersecurity 
programs. 

"Cybersecurity plays an important part in the protection of the 
critical infrastructure," Coburn said, adding that his committee 
planned to hold additional hearings on the topic. 

Coburn advocated improved organizational stability for the 
cybersecurity division and said, "I ask that the department build 
partnerships with the private sector in the cybersecurity field." 

Purdy's testimony focused on DHS' cybersecurity priorities, activities 
and plans, but questions from Coburn and other lawmakers focused on 
some of the gaps and remaining needs in the arena. 

David Powner, director of IT management issues for GAO, highlighted 
the shortcomings of DHS' cybersecurity programs. 

"Recent attacks and threats have increased the need for cyberdefense," 
Powner said. Noting that "DHS faces many challenges" in implementing 
its cybersecurity policy, Powner added, "Although DHS has exerted 
effort to address each of the 13 cybersecurity responsibilities it 
has, they are incomplete."

He especially emphasized DHS' need to achieve a stable organization. 
The division has operated with an acting director since last fall, and 
faces an additional reorganization with the creation of an assistant 
secretary for cybersecurity and telecommunications slot.





More information about the ISN mailing list