I’ve made several trips to DC of late and although asked, I never really explained what for. Now I feel it’s ok to say. Like many of you, I have a variety of interests and specialties. In the tech sector VoIP is one area I specialize in. Another is network design for cost recoverability and performance. And one is network security, or what some would call cyber security.

Press Office, U.S. Department of Homeland Security, Press Release, February 10, 2006
U.S. DEPARTMENT OF HOMELAND SECURITY CONDUCTS FIRST EVER CYBER SECURITY FULL SCALE EXERCISE TO ENHANCE NATION’S CYBER PREPAREDNESS
International, Federal, State, and Private Sector Coordination Affecting Key Critical Infrastructure Sectors Examined Washington, D.C. -- The U.S. Department of Homeland Security (DHS) today announced the completion of Cyber Storm, the first government-led cyber security full scale exercise to examine response, coordination, and recovery mechanisms to a simulated cyber-event within international, Federal, state, and local governments in conjunction with the private sector. 115 public, private, and international agencies, organizations, and companies were involved in the planning and implementation of Cyber Storm.

"Cyber security is critical to protecting our Nation's infrastructure because information systems connect so many aspects of our economy and society," said Mr. George W. Foresman, Under Secretary for Preparedness at DHS. "Preparedness against a cyber attack requires partnership and coordination between all levels of government and the private sector. Cyber Storm provides an excellent opportunity to enhance our Nation's cyber preparedness and better manage risk." Cyber Storm emphasizes the Administration’s commitment to cyber security and preparedness. The exercise simulated a sophisticated cyber attack through a series of scenarios directed against critical infrastructures. For example, one of the scenarios simulated a cyber incident where a utility company’s computer system is breached, causing numerous disruptions to the power grid. The intent of this scenario is to highlight the interconnectedness of cyber security with the physical infrastructure and to exercise coordination and communication between the public and private sectors. Each of the scenarios was developed with the assistance of industry experts and was executed in a closed and secure environment.

Cyber Storm exercised national cyber incident response within the context of a large-scale cyber incident affecting the energy, information technology, telecommunications, and transportation sectors. Capabilities examined included:
o Interagency coordination through the National Cyber Response Coordination Group;
o Identification of policy issues that affect response and recovery;
o Identification of critical information sharing paths and mechanisms among public and private sectors;
and
o Improvement and promotion of public and private sector interaction.

The exercise was a simulated event, and there were NO real world effects on, tampering with, or damage of any critical infrastructure. While the exercise scenario was based on a hypothetical situation, it was not intended as a forecast of future terrorist related events. Cyber Storm participants included members of the public sector (Federal and state agencies), the private sector (information technology, telecommunications, energy and transportation firms selected by Industry Information Sharing and Analysis Centers (ISACs) and Sector Specific Agencies (SSAs)), and select international government partners.
The National Cyber Security Division (NCSD), a part of the Department’s new Preparedness Directorate provides the federal government with a centralized cyber security coordination and preparedness function. The NCSD is the focal point for the federal government’s interaction with state and local government, the private sector, and the international community concerning cyberspace vulnerability reduction efforts.

Let me take a moment to say this work activity is more centered in the new Realttime Compliance Community hosted by Rebecca Herrold. I'm a member there and occasional participant. So consider this an invitation to visit overe there too is security and compliance is in your sphere of interest.