CSC Participates in Department of Homeland Security Cyber Storm III ExerciseNational-Level Cybersecurity Exercise Allows CSC to Demonstrate Preparedness in Responding to Potential Threats, Underscore Commitment to Government Cooperation
Please read the entire article here:
CSC today announced its participation in the Department of Homeland Security (DHS) as a full player during Cyber Storm III, the department's biennial event representing the U.S.'s most extensive cybersecurity exercise. The exercise is taking place September 28-30, 2010.
The goal of Cyber Storm is to strengthen cybersecurity preparedness and response capabilities by exercising policies, processes and procedures for identifying and responding to a cyber attack on the U.S.'s critical infrastructure. CSC's participation is allowing the company to further test its abilities to react appropriately and respond efficiently to potential cyber incidents of varying degrees both for its customers and own internal systems.
"CSC has participated in all three of the DHS Cyber Storm exercises, and we are honored to be an active participant and full player as part of the private industry during Cyber Storm III," said Andy Purdy, CSC's chief cybersecurity strategist, who was head of the DHS National Cyber Security Division led Cyber Storm I. "The cyber landscape is dynamic and cybersecurity is a global concern. The efforts put into this exercise and the lessons we will learn from it will continue the process of strengthening the capability of the United States to prepare for and respond to significant cyber attacks and incidents. CSC's participation internally on a global level also enables us to continue refining our cybersecurity capabilities to the absolute highest levels. It is critically important that the after-action recommendations from Cyber Storm III be resourced and implemented as quickly as possible."
CSC is one of the few companies to provide full lifecycle cybersecurity solutions and services to both public and private sector clients globally. Through its foundation of global network security operations centers, CSC protects some of the world's most sensitive information, systems and networks against emerging cyber threats. CSC's cybersecurity capabilities include privacy and cybersecurity consulting, strikeforce, compliance, system design, and integration and forensics training. For more information on its comprehensive cybersecurity solutions, go to
READ CSC's Cybersecurity brochure here:http://assets1.csc.com/public_sector/downloads/CSC_CyberSecurity_Brochure_rd4.pdf
FULL TEXT:FACT SHEET: Cyber Storm III
The U.S. Department of Homeland Security’s (DHS) Cyber Storm exercise series is part of the Department’s ongoing efforts to assess and strengthen cyber preparedness; examine incident response processes in response to ever-evolving threats, and enhance information sharing among federal, state, international and private sector partners.
The Cyber Storm series simulates large-scale cyber events and attacks on the government and the nation’s critical infrastructure and key resources (CIKR)—so that collective cyber preparedness and response capabilities can be measured against realistic and credible national-level events. DHS’s National Cybersecurity Division (NCSD) is sponsoring the latest installment of the series—Cyber Storm III, which will include thousands of players across government and industry and more than 1,500 injects of data to keep participants on their toes.Cyber Storm III Scenario
The Cyber Storm III exercise scenario reflects the increased sophistication of our adversaries, who have moved beyond more familiar Web page defacements and Denial of Service (DOS) attacks in favor of advanced, targeted attacks that use the Internet’s fundamental elements against itself—with the goal of compromising trusted transactions and relationships.
The scenario will incorporate known, credible technical capabilities of adversaries and the exploitation of real cyber infrastructure vulnerabilities, resulting in a range of potential consequences—including loss of life and the crippling of critical government and private sector functions.
Throughout the exercise, the goal of exercise players will be to identify, in real time, the ongoing attack and mitigate the compromises and vulnerabilities that allowed it to occur, as well as possible consequences to compromised systems. At its core, the exercise is about resiliency—testing the nation’s ability to cope with the loss or damage to basic aspects of modern life.
Cyber Storm III builds upon the success of previous exercises; however, enhancements in the nation’s cybersecurity capabilities, an ever-evolving cyber threat landscape and the increased emphasis and extent of public-private collaboration and cooperation, make Cyber Storm III unique.
National Cyber Incident Response Plan
Cyber Storm III is the primary vehicle to exercise the newly-developed National Cyber Incident
Response Plan (NCIRP)—a blueprint for cybersecurity incident response—to examine the roles,
responsibilities, authorities, and other key elements of the nation’s cyber incident response and
management capabilities and use those findings to refine the plan.
Increased Federal, State, International and Private Sector Participation
o Administration-Wide—Seven Cabinet-level departments including Commerce, Defense, Energy, Homeland Security, Justice, Transportation and Treasury, in addition to the White House and representatives from the intelligence and law enforcement communities.
o Eleven States—California, Delaware, Illinois, Iowa, Michigan, Minnesota, North Carolina, New York, Pennsylvania, Texas, Washington, as well as the Multi-State Information Sharing and Analysis Center (ISAC)—compared to nine states in Cyber Storm II.
o 12 International Partners—Australia, Canada, France, Germany, Hungary, Japan, Italy, the Netherlands, New Zealand, Sweden, Switzerland, the United Kingdom—compared to four international partners in Cyber Storm II.
o 50 Percent More Private Sector Partners—We will have 60 private sector companies playing in Cyber Storm III, up from 40 in Cyber Storm II; several will participate on-site with DHS for the first time. DHS worked with representatives from the Banking and Finance, Chemical, Communications, Dams, Defense Industrial Base, Information Technology, Nuclear, Transportation, and Water Sectors as well as the corresponding Sector Coordinating Councils and ISACs to identify private sector participants.
National Cybersecurity and Communications Integration Center Cyber Storm III will be the first opportunity to test the new National Cybersecurity and Communications Integration Center (NCCIC)—which serves as the hub of national cybersecurity coordination and was inaugurated in October of 2009.