Cyber Guard 16 key takeaway – U.S. military can’t fully test its ability to respond to a catastrophic cyber-attack on civilian infrastructure
Cyber Guard 16 built on previous lessons learned by expanding allied partner nation involvement for improvement of information sharing practices.
Cyber Guard is an evolving exercise, continually expanding to meet the demands of the Department of Defense and the nation. Cyber Guard 12 was developed to foster coordinated cyberspace incident responses between the Federal and state governments, exploring the National Guard’s potential as an enabler and “force multiplier” in the cyberspace domain. The exercise expanded in Cyber Guard 13 and 14 to include state and federal government and allied participation in an effort to develop and refine coordinated responses to cyber attack. Cyber Guard 15’s addition of private sector participation, coordinated through DHS, represented a shift from a whole-of-government to whole-of-nation approach to cybersecurity preparedness and response.
Cyber Guard 16 Overview: Cyberspace and critical infrastructure operators and experts from more than 100 organizations, spanning government, academia, industry and allies, participated in the fifth annual Cyber Guard
June 9-18th. U.S. Cyber Command, the Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI) co-led the exercise, hosted by the Joint Staff in a state-of-the-art facility in Suffolk, VA designed to support a wide range of military tests and exercises. Participants exercised a whole-of-nation response to destructive cyber attacks against U.S. critical infrastructure. The exercise rehearsed operations designed to defend DoD Information Networks (DoDIN), and mitigate damage to Critical Infrastructure in a compromised cyber environment. The exercise aimed to refine information sharing and Defense Support to Civil Authorities processes and capabilities, strengthen partnerships within government, allies and the private sector, build and maintain DoD’s cyberspace capability and capacity, and continue efforts to build a Persistent
“We don’t have the scale or the complexity to truly represent a realistic and relevant threat, the ones that we’re truly trying to train to,” Brig. Gen. Charles L. Moore Jr., the Joint Chiefs of Staff’s deputy director for global operations, told the House Armed Services Committee.
At this time, the military can’t train to fend Off the Worst Cyber Attacks on Infrastructure. It likely won’t be able to until 2019, representatives from Cyber Command and the Joint Chiefs told lawmakers on Wednesday.
Last Friday, Cyber Command wrapped up Cyber Guard, a major exercise that gathered 800 representatives from DOD, DHS, FBI, and industry to practice repelling a major network attack on U.S. infrastructure. The exercise took place on a joint information operation range in Suffolk, Va. — a kind of cyber firing range. The exercise, however didn’t fully emulate the full range of tactics and techniques that hackers might deploy against U.S. infrastructure.
Persistent Training Environment
Cyber Command is building what its leaders call a Persistent Training Environment. It’s a different sort of cyber firing range, one that can accommodate a much wider host of commercial industry participants, a much wider array of systems, networks and devices; and better emulate a catastrophic cyber attack. Most importantly, operators will be able to train against different threats and attack scenarios continuously, rather than just in occasional exercises. That might include the ability to bring in players from across industry and in different areas or locations. The new range would include detailed and realistic simulations of attacks.
The “Persistent Training Environment gives us a couple things we don’t have on the joint training operation ranges,” Moore said.