The Department of Homeland Security released a report today on the Cyber Storm exercise held several months ago to test cybersecurity response capabilities. The DHS announcement of the report indicates eight major findings in it:
- Interagency Coordination: Interagency and cross-sector information sharing enhanced overall coordination, communication and response.
- Contingency Planning, Risk Assessment and Roles and Responsibilities: Clearly defined processes and procedures increased overall ability to plan for and assess situations.
- Correlation of Multiple Incidents between Public and Private Sectors: The cyber community was effective in addressing individual threats and attacks, but faced challenges in cross-sector situational awareness during a coordinated cyber attack campaign.
- Exercise Program: Ongoing exercises will strengthen awareness of cyber incident response, roles, policies, and procedures.
- Coordination between Entities of Cyber Incidents: Establishing expectations, roles, processes and communications in advance will dramatically improve coordination and response.
- Common Framework for Response to Information Access: Early and ongoing information sharing across governments and sectors created a common framework for response and strengthened relationships between domestic and international response partners.
- Strategic Communications and Public Relations: Public messaging is an important aspect of incident response and empowers individuals and industry to take appropriate action to protect themselves and the nationâ€™s critical infrastructure.
- Improvement of Process, Tools and Technology: Improved processes, tools and technology focused on the physical, economic and national security affects of a cyber incident will benefit the quality, speed and coordination of a response.
The most interesting of these findings is #3, indicating that officials found it much more difficult to deal with multiple simultaneous attacks. Here’s the full report.