Skip to content

CISA’s recent national cyber exercise provided critical infrastructure operators 

Posted by: GuidePoint Security

< 1 min read

Published in the March 15, 2022 Morning Cybersecurity Newsletter

With fears about Russian cyberattacks targeting Western entities still high, Politico writer Sam Sabin sat down with GuidePoint Security’s senior director of cyber defense, Mark Lance, to talk about the timing and importance of CISA’s most recent tabletop exercise for municipal governments and private organizations.

CISA unveiled some details Monday about a hypothetical cyber incident it simulated last week with roughly 200 participating organizations, including government agencies and private critical infrastructure companies. The Department of Homeland Security has held these training exercises, known as Cyber Storm, approximately every two years since 2006, and the idea is to help find bumps in the country’s national cybersecurity plans and policies.

But given the heightened awareness of Russia’s cyber powers, CISA’s latest Cyber Storm operation was optimally timed, said Mark Lance, senior director of cyber defense at GuidePoint Security. “It gives the organizations the opportunity to flex their muscles and practice things that they wouldn’t normally be able to practice unless they were in a conflict,” Lance said.

Organizations rarely are able to prepare detailed responses to a major cyber incident, including one from nation-state hackers. Lance said exercises such as the one CISA conducted give organizations the ability to figure out intricate questions like what reporting requirements they have and when is the best time to loop in their outside legal counsels.

One of the key hurdles to incident response is understanding who is behind the attack. Organizations have a different playbook for responding to ransomware attacks than they do state-sponsored cyberespionage campaigns, Lance said, and these simulations allow companies and government agencies to practice attributing an attack. “But a lot of times you don’t know the motivation of the threat actor until you see their operations in action,” he said.

Categories: Cybersecurity News

GuidePoint Security

U.S., private sector may still be a cyber target for Russia amid Ukraine fighting
March 3, 2022 – Published on The Washington Times Americans should expect escalating cyber operations targeting the private sector despite the […]
View Page

Related Articles

View All

  • Cybersecurity
U.S., private sector may still be a cyber target for Russia amid Ukraine fighting
Read More 2 min read
  • Cybersecurity
No Significant Intrusions Related to Log4j Flaw Yet, CISA Says
Read More < 1 min read
  • Cybersecurity
Russia War Raises Global Insurers’ Cyber Claim Exposure
Read More < 1 min read