The Department of Homeland Security is conducting a cybersecurity exercise this week called “Cyber Storm”, bringing together federal, state, local, private and international stakeholders to test preparedness for large-scale cybersecurity attacks that could disrupt critical infrastructure. From an Information Week story:
The exercise is planned in a controlled, pre-scripted way that is expected to prevent disruption of real systems. It will include fabricated interrelated incidents that escalate and combine to pose a significant threat to energy and transportation infrastructures, while targeting federal, state and international government operations.
Participants will attempt to identify policy issues affecting response and recovery, map out critical information-sharing paths and mechanisms between the private and public sectors, test decision making, ensure that communication flows properly between key players and develop a National Response Plan.
The broad inclusiveness of this exercise bodes well for the likelihood that there will be valuable “lessons-learned” from this exercise – not simply from a technological standpoint, but in terms of decision-making, leadership, and communications in a crisis environment.
DHS will be holding a press briefing later in the week to discuss the exercise. I’ll post about its results then.