National Guard plans all-virtual cyber exercise

Find opportunities — and win them.

The National Guard is taking its annual Cyber Shield training exercise virtual due to COVID-19 with a spotlight on information operations.

NOTE: This story first appeared on FCW.com.

The National Guard is moving its massive annual cyber exercise, Cyber Shield 2020, completely online for the first time due to the ongoing COVID-19 pandemic with a renewed focus on information operations.

"Everybody has heard the term fake news; that didn't just originate. It's been going on for a long time," said George Battistelli, exercise director and Chief of IT Security, Compliance and Readiness Division, G6, for the Army National Guard, during a Sept. 2 call with reporters.

"There are specifically actors that would like to run their influence operations and so the more that we can give our defensive, cyber operation elements and our cyber protection teams the ability to see those things, the more they're able to discern them in the real world."

The event for the National Guard's cyber teams will start Sept. 12 and end Sept. 27 and is typically used to develop and train cyber operators in incident response and internal computer network internal defensive measures.

Last year, the event, which hosts nearly 800 guardsmen, focused on election security. This year will focus more on information operations and mitigating vulnerabilities found in Cyber Command's readiness assessments.

Battistelli said each day will be its own cyber event and training exercise that gets broken down at the end to help "get everyone on the same level" skill and knowledge-wise -- an issue that has been highlighted by the Government Accountability Office and U.S. Cyber Command. The training will also include longstanding attack vectors, including insider threat, industrial controls and electrical critical infrastructure.

Col. Teri Williams, the exercise's officer in charge and Commander, 91st Cyber Brigade for the Virginia Army National Guard, said the cyber training exercise will also incorporate trends seen during the U.S. Cyber Command's readiness inspections, including specific tools people might struggle with, ensuring physical (and not just digital) access points are secured, as well as controlling leaks or unauthorized information sharing.

"They signed a nondisclosure agreement that says what they can and cannot talk about based on their incident response actions. And so we actually test them on that. So we, we try to trick them into talking to people or giving information that they're not allowed to just to make sure that [it becomes] a little bit more muscle memory, if you will, in an environment that's safe," Williams said.

Williams said she expects participants to face "unique challenges" due to the new virtual setting, such as the lack of physical devices once available in a physical environment that are now web-based, but communication will be paramount during the 15-day event and participants will have access to chat, email, the Defense Department's version of Microsoft Teams and the virtual training range.