Critical Infrastructure Protection: DHS Needs to Fully Address Lessons Learned from Its First Cyber Storm Exercise
Highlights
Federal policies establish the Department of Homeland Security (DHS) as the focal point for the security of cyberspace. As part of its responsibilities, DHS is required to coordinate cyber attack exercises to strengthen public and private incident response capabilities. One major exercise program, called Cyber Storm, is a large-scale simulation of multiple concurrent cyber attacks involving the federal government, states, foreign governments, and private industry. To date, DHS has conducted Cyber Storm exercises in 2006 and 2008. GAO agreed to (1) identify the lessons that DHS learned from the first Cyber Storm exercise, (2) assess DHS's efforts to address the lessons learned from this exercise, and (3) identify key participants' views of their experiences during the second Cyber Storm exercise. To do so, GAO evaluated documentation of corrective activities and interviewed federal, state, and private sector officials.
Recommendations
Recommendations for Executive Action
Agency Affected | Recommendation | Status |
---|---|---|
Department of Homeland Security | Given the importance of continuously improving cyber exercises, the Secretary of Homeland Security should direct the Assistant Secretary for Cybersecurity and Communications to ensure the scheduling and completion of the corrective actions addressing lessons learned during Cyber Storm I before conducting the next Cyber Storm Exercise. | As of September 2010 and prior to Cyber Storm III, the Department of Homeland Security (DHS) demonstrated that it had completed all 66 of the corrective actions addressing Cyber Storm I's lessons learned. |