The Cybersecurity and Infrastructure Security Agency (CISA) hosted a three-day cyber exercise, Cyber Storm VIII, which included more than 2,000 private sector, government and international participants from approximately 200 organizations.

The biennial Cyber Storm exercise brings together the public and private sector to simulate a response to a cyber crisis impacting the nation’s critical infrastructure. The exercise assesses cybersecurity preparedness and examines incident response processes, procedures, and information sharing. It provides a venue for players to simulate the discovery of and response to a widespread coordinated cyberattack without the consequences of a real-world event. The scenario for Cyber Storm VIII involved both operational (e.g., industrial control systems) and traditional enterprise systems, with organizations experiencing various impacts such as ransomware and data exfiltration.

Cyber Storm is part of CISA’s work to partner with the nation’s critical infrastructure stakeholders to evaluate and improve the nation’s cyber resilience continuously. “Over the last several months, we have been encouraging organizations to have their ‘Shields Up’ to ensure they’re prepared to respond to potential disruptive cyber activity. An important part of building cybersecurity preparedness and resilience is exercising incident response capabilities, something CISA and our cybersecurity partners do regularly through exercises like Cyber Storm,” said CISA Director Jen Easterly. “CISA will continue to work with government and industry to safeguard our critical infrastructure, but everyone has a role to play. I encourage all organizations regardless of size to adopt a heightened posture when it comes to cybersecurity and protecting their most critical assets.”

Participants across the globe worked together to respond to a simulated significant cyber incident impacting critical infrastructure. Following the event, CISA will work with participating organizations to identify, share and examine lessons learned to improve risk management, cybersecurity incident response planning, information sharing, and response activities.

Learn more about Cyber Storm VIII here: