The Cybersecurity and Infrastructure Security Agency (CISA) is reviewing results from Cyber Storm, its biennial simulated cyber attack. According to CISA, it was a success and the most extensive exercise of its kind in the country.
The purpose of Cyber Storm is to test how stakeholders from the public and private sectors and international partners would collectively respond to a widespread cyber attack, explained Lisa Beury-Russo, Acting Deputy Associate Director for Exercises at CISA.
This year there were over 2,000 individual players and 200 participating organizations, including federal departments and agencies, state and local governments, and critical infrastructure owner-operators in the private sector, according to Beury-Russo. The goal is to include anyone who would be involved in a cyber incident response.
In addition to retesting past measures such as policy implementation, CISA also looked at new areas to take into account the changing threat landscape, Beury-Russo said. Among these was cross-sector activity, which involves common threats across sectors. “We see a range of different vectors targeting a number of different sectors … this can be like assembling a puzzle – each one of those organizations or sectors will have a piece, and we really need that coordination and cross-communication to assemble the entire picture,” said Beury-Russo.
Cyber Storm 2020 was originally supposed to take place in the spring but was rescheduled due to the coronavirus pandemic. Beury-Russo said the dispersed environment provided an opportunity to learn how to better coordinate and communicate in a range of different scenarios. She stated, “we’re not quite sure what the future holds, but I think everyone’s been pretty clear that we are probably not going back to what used to be business as normal … so we will continue to include those lessons.”
“Overall, we really found that the exercise highlighted the value of CISA and those roles that we carry out for the broader cyber community,” Beury-Russo concluded.