feature article this month summarises the just-published lessons learned from Australia's first ever national e-security exercise,
Cyber Strom II, conducted on the 10-14th March 2008.
international cyber security exercise, which I had the privilege of attending,
was designed to simulate a significant global
incident caused by attacks on critical infrastructure systems via the Internet.
It was led by the United States Department of Homeland Security and allowed
government and business sectors of Australia, Canada, New Zealand, the United
Kingdom and the United States to put their e-security arrangements to the test.
Australia's involvement in Cyber Storm II included
both federal and state government agencies and the largest contingent of
private sector organisations ever involved in such an exercise.
According to Attorney-General Robert McClelland, the
exercise has "proved Australia's response arrangements to
cyber-attack are sound, but just as importantly, demonstrated areas where
improvements can be made."
"The world's increasing dependence on electronic
communications creates new opportunities for criminals and terrorists. The
lessons learned from exercises such as Cyber Storm II help ensure Australia is
well placed to combat these threats."
key findings from the exercise were:
Effective response to a cyber crisis is significantly enhanced by
having tested procedures or arrangements in place
More frequent, non-crisis interaction between various stakeholders
involved in protecting the national information infrastructure will enhance
real world response capabilities.
The borderless nature of cyber attacks, and the speed with which
they can escalate across infrastructure sectors, was demonstrated in Cyber
Storm II. Contingency planning must include potential flow-on effects.
report released by
Attorney-General Robert McClelland can be obtained here
. We hope you find it of interest.
Finally, to everyone who attended our Introduction to IT Disaster Recovery training course in Canberra last week; I thoroughly enjoyed the day and thanks for your positive feedback.