[ISN] DHS evaluates global cybersecurity exercise

InfoSec News isn at c4i.org
Mon Feb 13 01:49:11 EST 2006


By Dibya Sarkar
Feb. 10, 2006 

Homeland Security Department officials offered no results or findings
from a recently concluded, globally coordinated cybersecurity
exercise, but they will begin examining data with the intent of
issuing a report this summer.

The full-scale exercise, Cyber Storm, was conducted from Feb. 6-10 and
involved 115 public, private and international agencies. It examined
the response, coordination, and recovery processes and procedures to a
simulated cyberattack against critical infrastructures. The federal
government has been involved in previous simulated cybersecurity
exercises but not on this scale.

The purpose of the exercise was not to see how a simulated attack
would affect systems. Industry and government officials said it was
necessary to see how well organizations worked together in terms of
communicating information and responding appropriately to an attack.

George Foresman, undersecretary at DHS' Preparedness Directorate, said
Cyber Storm was a way to "create a symphony of preparedness," with the
department acting as a musical conductor leading participating
agencies that acted as musicians.

At a press conference today, Foresman said DHS' role is to coordinate
the public and private sectors' responses to an actual attack through
a common approach. Several state and industry officials who attended
the press conference said they were pleased with the exercise and that
it was a major step toward addressing cybersecurity on a national

However, officials did not provide any details regarding strengths or
weaknesses found. They said they will study the analysis before
providing any results.

DHS officials said the scripted scenario was conducted in a closed
environment through Secret Service headquarters in Washington, D.C.,
and did not include any attacks against real-world systems.

Andy Purdy, acting director of DHS' National Cyber Security Division,
said the department has two overarching priorities. One is to build an
effective cybersecurity response system. The other is to build a
program for infrastructure protection. Results of the exercise could
affect the National Response Plan and other plans designed to improve
national coordination to a cyberattack and disruption.

Cybersecurity experts have said the federal government has been slow
to address the issue comprehensively. But government officials and
company representatives who participated in Cyber Storm said federal
officials are working more closely with private- and public-sector
officials on a grass-roots level than ever before.

William Pelgrin, director of New York state's Cybersecurity and
Critical Infrastructure Coordination Office and head of the
Multi-State Information Sharing and Analysis Center (ISAC), said his
agency and ISAC have been working with DHS officials on the issue for
three years. The two groups have has been pleased with the guidance
they've received, he added.

However, two weeks ago, the National Association of State Chief
Information Officers released a survey indicating that the federal
government needs to provide more education, training and money to help
state and local officials promptly deal with cybersecurity issues.

DHS is willing to be "coach and mentor" to state and local officials,
but ultimately it's the responsibility of states and localities to
"push the ball down the road," Foresman said.

Pelgrin said ISAC and DHS are working on guidelines, including
suggestions for education and awareness, that local governments can
use to help with their day-to-day cybersecurity activities.

Several representatives of companies that participated in Cyber Storm
said they will also evaluate how their companies fared in coordination
and response to the exercise.

In addition to DHS, participating federal agencies included the
Justice, Commerce, Energy, Defense, Treasury and State departments;  
the CIA; the National Security Agency; the National Security Council;  
and the Homeland Security Council. All 50 states also participated in
the exercise. Officials from Canada, Australia, the United Kingdom and
New Zealand participated. Several companies, including Computer
Associates, Intel, Microsoft, VeriSign, Symantec, McAfee and Citadel,
participated as well.

More information about the ISN mailing list