DHS, agencies plan joint Cyber Storm exercise

The Homeland Security Department will test how well it works with other federal agencies and private IT companies to protect cybersecurity in a national exercise from Feb. 6-10.

The Information Technology Information-Sharing and Analysis Center will take part in the exercise, known as "Cyber Storm," with DHS to test its draft concept of operations for responding to cybersecurity incidents.

"This will be the first-ever cyber-focused exercise for DHS," the IT center stated on its Web site.

Participating in Cyber Storm are Cisco Systems Inc., Citadel Security Software Inc., Computer Associates International Inc., Computer Sciences Corp., Intel Corp., Microsoft Corp., Symantec Corp., and VeriSign Inc., the center announced on its Web site. Cyber Storm also will involve government agencies.

According to Donald Purdy, acting director of DHS' National Cyber Security Division, the division established the Government Forum of Incident Response and Security Teams (GFirst) to facilitate interagency information sharing and cooperation for readiness and response. The teams, comprising government computer experts, are responsible for IT security at government agencies.

In addition to the GFirst teams, the agency has worked with the Defense and Justice departments to form the National Cyber Response Coordination Group to provide an organized federal response to cybersecurity breaches. This group, which includes 13 other federal agencies including intelligence agencies, is the principal federal interagency mechanism for responding to cyberincidents of national significance.

The response coordination group has developed a concept of operations for national cyberincident response that will be examined in Cyber Storm, Purdy told Congress in October 2005.

Cyber Storm initially was to be held in November 2005, but it was postponed because of the department's involvement in Hurricane Katrina reconstruction.