Tomorrow, the National Cybersecurity Division, part of DHS’s Office of Cyber Security and Communications, will hold its second large-scale national cyber exercise, Cyber Storm II. The exercise follows Cyber Storm I, held Feb. 6-10, 2006, the first government-led, full-scale exercise (FSE) on cyber security. These FSEs are intended to improve public and private sector interaction for enhanced decision making and information sharing, as well as better public communication techniques and stronger response and recovery capabilities.
The Cyber Storm II scenario will include coordinated cyber and physical attacks on critical infrastructure to simulate a political and economic agenda. Participants in the FSE include Federal, State, local, and international governments, as well as private sector entities from multiple critical infrastructure sectors. The adversary for Cyber Storm I was depicted in this rendering:
The National Cybersecurity Division (NCSD) is responsible for providing cyber security coordination and preparedness under Homeland Security Presidential Directive 7. The shorthand mission for NCSD is to coordinate the federal government’s “interaction with state and local government, the private sector and the international community concerning cyberspace vulnerability reduction efforts.”
I’d like to add one more goal for Cyber Storm II: Define cybersecurity once and for all.
In an article published by CSO Magazine, Rick Lawhorn, the former Chief Information Security Officer for GE Financial, identifies four different definitions of cyberterrorism or cybercrime that need to be reconciled:
State Department definition, Title 22 of the U.S. Code, Chapter 38, Section 2656f(d): premeditated, politically motivated violence perpetrated against noncombatant targets by subnational groups or clandestine agents, usually intended to influence an audience.
FBI definition: the unlawful use of force or violence against persons or property to intimidate or coerce a government, the civilian population, or any segment thereof, in furtherance of political or social objectives.
Defense Department definition: the calculated use, or threatened use, of force or violence against individuals or property to coerce or intimidate governments or societies, often to achieve political, religious, or ideological objectives.
United Nations definition: any act intended to cause death or serious bodily injury to a civilian, or to any other person not taking an active part in the hostilities in a situation of armed conflict, when the purpose of such act, by its nature or context, is to intimidate a population, or to compel a government or an international organization to do or to abstain from doing any act. (Article 2(b) of International Convention for the Suppression of the Financing of Terrorism, May 5, 2004)
Lawhorn is right. The absence of a standard definition of the cyber threat hobbles efforts to track it, understand it, and identify the characteristics that comprise its profile. This same gap plagues efforts to combat overall terrorism. This is most apparent when we attempt to work with allies overseas, but the recent REAL ID showdown with Montana, South Carolina, and Maine is another example close to home. If cybersecurity is achieved by orchestrating federal, state, local, and international governments, as well as private sector entities from multiple critical infrastructure sectors, a baseline definition is an unavoidable first step.
UPDATE: DHS issued a press release this evening with a link to more information about Cyber Storm II.