Friday, April 11, 2008

Cyber Storm II – Communications Lessons

Last month DHS conducted a week long cyber security exercise called Cyber Storm II. This year’s exercise included two large chemical companies along with representatives from 38 other companies, 18 Cabinet-level agencies and four foreign governments. Yesterday there was a brief ‘lessons learned’ article on based on a panel discussion at this week’s RSA Security Conference. The formal government report on the exercise is expected to be published this fall.

The article and the panel emphasized the importance communications in the event of a cyber attack. The article quoted Greg Garcia, DHS Asst Secretary for Cyber Security, as saying that they had learned "how important vendors are in a crisis". He recommended that companies "establish strong relationships with vendors of critical systems" before a crisis occurs. This will make communications easier during a crisis.

Hopefully there will be additional panel discussions in the coming months where we will learn more about the problems and solutions encountered during this exercise. With the extent of the American Chemistry Council’s participation in the exercise (their Chemical Information Technology Center coordinated the participation of 10 chemical companies in the Cyber Storm II) maybe we will see panels at chemical industry gatherings as well as the expected IT meetings.

No comments:

/* Use this with templates/template-twocol.html */