California Participates in Cyber Storm III, National-level Cybersecurity Exercise

State Technology Update: September 28, 2010

California is one of 11 State communities participating in Cyber Storm III.  Cyber Storm is the Department of Homeland Security’s (DHS) capstone national-level cybersecurity exercise. The biennial event represents the Nation’s most extensive cybersecurity exercise effort of its kind. The Cyber Storm exercise series is a key element of ongoing efforts to assess cyber preparedness; examine incident response processes, procedures, and information sharing mechanisms; and identify areas for improvement absent the consequences of an actual incident. DHS’s National Cyber Security Division (NCSD) is sponsoring the latest installment of the series – Cyber Storm III – in the fall of 2010. 

Through the Cyber Storm exercise, DHS simulates large-scale cyber events and attacks across the government and the Nation’s critical infrastructure and key resources (CIKR) in order to examine and strengthen collective cyber preparedness and response capabilities of the cyber incident response community. The response capabilities are examined in the face of realistic and credible national-level events.

The exercise ensures that our ability to prepare for, respond to, and recover from all types of events is coordinated and practiced. Most importantly, the exercise provides us with the opportunity to continually improve and incorporate the progress we achieve through ongoing risk management efforts.

Our national capabilities mature and evolve in parallel to the dynamic cyber risk landscape. Efforts such as Cyber Storm allow the cyber incident response community to exercise those capabilities and evolve based on the findings. These efforts contribute to the Nation’s overall mission to ensure a resilient cyber infrastructure.

Cyber Storm III is the primary vehicle to exercise the elements of the newly developed National Cyber Incident Response Plan (NCIRP). The exercise will examine the roles, responsibilities, authorities, and other key elements the Nation’s cyber incident response and management capabilities. The findings will be analyzed, and where relevant, the findings will be incorporated into operational documents and activities.

California’s State agency/department participants include the Office of Information Security, California Emergency Management Agency (CalEMA), the Office of Technology Services, the Department of Motor Vehicles, the Department of Transportation, the Department of Veteran’s Affairs and the California Highway Patrol.  Additionally, the Sacramento and Palo Alto communities are participating at the local government level including the County of Sacramento, the City of Sacramento, City of Palo Alto, and the San Francisco Bay Chapter of Infragard, the Western Disaster Center, and Financial Engines.

In addition, the national Information Technology (IT) and Communications Sectors are at the heart of the exercise as they are the foundational elements the Nation’s cyber infrastructure. Further, DHS has identified additional participating sectors – such as the Energy, Chemical, and other CIKR sectors.

About the NCIRP

Since July 2009, over 170 volunteers have participated in building the NCIRP, including 20 federal departments and agencies, 12 States and the Multi-State ISAC, owners and operators from eight critical infrastructure sectors, four ISACs and two associations. DHS and the Office of Cybersecurity and Communications (CS&C) coordinated inputs on the plan and received numerous additional inputs from individual subject matter experts through the Partnership for Critical Infrastructure Security.  CS&C is working to finalize the NCIRP so the plan can be tested during Cyber Storm III.

As the Nation’s capstone cyber exercise, Cyber Storm III is the forum to assess the effectiveness of the NCIRP, which will serve as the guiding framework for a cyber incident response. Cyber Storm III provides a unique opportunity to evaluate the NCIRP in the face of simulated cyber attack that is credible and realistic. CS&C plans to use Cyber Storm III findings related to the NCIRP to refine the plan.

Contact:  Department of Homeland Security’s Office of Public Affairs at (202) 282-8010.