DRDC Support to Exercise Cyber Storm III

PDF

Authors
  1. Genik, L.
Corporate Authors
Defence R&D Canada - Centre for Security Science, Ottawa ONT (CAN)
Abstract
This paper presents an overview of the DRDC command and control (C2) analysis support for Exercise Cyber Storm III, held in September 2010. It documents what was done, who was involved, challenges encountered, recommendations for improvement, and an indication of the overall effort required. After obtaining client support, DRDC teams were created for Public Safety Canada’s Canadian Cyber Incident Response Centre (CCIRC), Government Operations Centre (GOC), the Canadian Forces Network Operations Centre (CFNOC), and the Royal Canadian Mounted Police (RCMP) National Operations Centre (NOC). Analysts prepared for the exercise by becoming familiar with exercise documentation and attending pre-exercise training and meetings. During the exercise, teams of one to three analysts observed exercise play at each operations centre, interviewed staff, and administered surveys. Following the exercise, DRDC letter reports synthesising information were delivered to clients. Key recommendations that result from providing C2 analysis for CSIII include: (1) for future exercises, DRDC should engage earlier to have ample time for preparation; (2) analysts and management must be educated on, and agree to, the commitment required to deliver this type of analysis; (3) the commanding officer of each operations centre should be engaged by DRDC prior to the exercise; (4) DRDC should deliver reports and briefings to clients within two to three weeks of the exercise for optimal impact; and (5) federal r

Il y a un résumé en français ici.

Keywords
Exercise Cyber Storm III (CSIII);Support to exercises;Cyber security;Cyber readiness;Cyber incident;Cyber exercise;Public Safety Canada (PSC);Government Operations Centre (GOC);Canadian Cyber Incident Response Centre (CCIRC);Canadian Forces Network Operations Centre (CFNOC);Royal Canadian Mounted Police (RCMP) National Operations Centre (NOC);Federal Emergency Response Plan (FERP);Government of Canada Information Technology Incident Management Plan (GC IT IMP);Cyber Triage Unit Standard Operating Procedures (CTU SOP);Operations centres
Report Number
DRDC-CSS-TM-2011-24 — Technical Memorandum
Date of publication
01 Oct 2011
Number of Pages
60
DSTKIM No
CA036050
CANDIS No
535493
Format(s):
Electronic Document(PDF)

Permanent link

Document 1 of 1

Date modified: