On April 9, I participated in an excellent panel at the RSA Conference in San Francisco. The topic was Cyberstorm II, and although participants didn't discuss exercise scenarios or detailed action items, the discussion was interesting and received substantial press coverage. A top message: the importance of planning and communication across traditional and new boundaries.
For starters, a brief overview on the session is posted at the RSA Conference website. The coverage of the event ranged from Government Computer News (GCN) which picked up on the challenges in implementing public/private partnerships to Internet News.com which focused on comments from Greg Garcia, assistant secretary for cyber security and communications for the Department of Homeland Security (DHS).
"It fundamentally was about identifying and responding to a fast-breaking cyber-epidemic. It tested our ability to identify an attack, validate or correct the analysis with our partners -- because we were all getting different pieces of information -- and to respond individually and collectively."
InfoWorld also ran a piece on the RSA panel which added several other quotes. "By participating in Cyber Storm II, emergency response mangers could find out if their plans worked out as expected, and, in particular, if people wound up doing what the planners thought they would do, said Christine Adams, a senior information systems manager at the Dow Chemical Company, speaking during a panel discussion at the conference.
ComputerWorldUK was one of several international publications that reported on the panel. Like many of the the other articles, their focus was on coordination, communication, and better cross-boundary planning prior to events.
Information Week reported this, "One pony-tailed RSA attendee, presumably a security pro, expressed dissatisfaction with the lack of specific information disclosed about Cyber Storm II and asked bluntly, "Was there a red team and did they win?"
"We don't have a firm answer about winning or losing," said panel moderator Jordana Siegel, acting deputy director at Department of Homeland Security. She however did allow that the exercise had taught everyone a lot.
So what new can I add to this coverage? Not much right now, but I encourage a closer look at the final report when it comes out later this summer. Our team grew and learned a tremendous amount. We were also in CyberStorm I, and this time we had many more people participating.
As I mentioned on the panel, Michigan greatly benefitted from the opportunity to get senior executives involved in CyberStorm II from across government. It was a great training and awareness day, and many managers told me some rendition of "I had no idea how important our cyber infrastructure was and is." That was perhaps my favorite take-away from CyberStorm II. It was well worth the time investment.
