Critical Infrastructure Protection: DHS Needs to Fully Address Lessons Learned from Its First Cyber Storm Exercise

摘要

Federal policies establish the Department of Homeland Security (DHS) as the focal point for the security of cyberspace. As part of its responsibilities, DHS is required to coordinate cyber attack exercises to strengthen public and private incident response capabilities. One major exercise program, called Cyber Storm, is a large-scale simulation of multiple concurrent cyber attacks involving the federal government, states, foreign governments, and private industry. To date, DHS has conducted Cyber Storm exercises in 2006 and 2008. GAO agreed to (1) identify the lessons that DHS learned from the first Cyber Storm exercise, (2) assess DHSs efforts to address the lessons learned from this exercise, and (3) identify key participants views of their experiences during the second Cyber Storm exercise. To do so, GAO evaluated documentation of corrective activities and interviewed federal, state, and private sector officials. GAO is recommending that DHS schedule and complete the corrective activities identified to address lessons learned during the first Cyber Storm exercise, many of which were reiterated during the second Cyber Storm exercise. In written comments, DHS agreed with this recommendation and reported on its efforts to complete corrective activities.