National Guard plans all-virtual cyber exercise

NOTE: This story first appeared on

The National Guard is moving its massive annual cyber exercise, Cyber Shield 2020, completely online for the first time due to the ongoing COVID-19 pandemic with a renewed focus on information operations.

"Everybody has heard the term fake news; that didn't just originate. It's been going on for a long time," said George Battistelli, exercise director and Chief of IT Security, Compliance and Readiness Division, G6, for the Army National Guard, during a Sept. 2 call with reporters.

"There are specifically actors that would like to run their influence operations and so the more that we can give our defensive, cyber operation elements and our cyber protection teams the ability to see those things, the more they're able to discern them in the real world."

The event for the National Guard's cyber teams will start Sept. 12 and end Sept. 27 and is typically used to develop and train cyber operators in incident response and internal computer network internal defensive measures.

Last year, the event, which hosts nearly 800 guardsmen, focused on election security. This year will focus more on information operations and mitigating vulnerabilities found in Cyber Command's readiness assessments.

Battistelli said each day will be its own cyber event and training exercise that gets broken down at the end to help "get everyone on the same level" skill and knowledge-wise -- an issue that has been highlighted by the Government Accountability Office and U.S. Cyber Command. The training will also include longstanding attack vectors, including insider threat, industrial controls and electrical critical infrastructure.

Col. Teri Williams, the exercise's officer in charge and Commander, 91st Cyber Brigade for the Virginia Army National Guard, said the cyber training exercise will also incorporate trends seen during the U.S. Cyber Command's readiness inspections, including specific tools people might struggle with, ensuring physical (and not just digital) access points are secured, as well as controlling leaks or unauthorized information sharing.

"They signed a nondisclosure agreement that says what they can and cannot talk about based on their incident response actions. And so we actually test them on that. So we, we try to trick them into talking to people or giving information that they're not allowed to just to make sure that [it becomes] a little bit more muscle memory, if you will, in an environment that's safe," Williams said.

Williams said she expects participants to face "unique challenges" due to the new virtual setting, such as the lack of physical devices once available in a physical environment that are now web-based, but communication will be paramount during the 15-day event and participants will have access to chat, email, the Defense Department's version of Microsoft Teams and the virtual training range.

About the Author

Lauren C. Williams is a staff writer at FCW covering defense and cybersecurity.

Prior to joining FCW, Williams was the tech reporter for ThinkProgress, where she covered everything from internet culture to national security issues. In past positions, Williams covered health care, politics and crime for various publications, including The Seattle Times.

Williams graduated with a master's in journalism from the University of Maryland, College Park and a bachelor's in dietetics from the University of Delaware. She can be contacted at, or follow her on Twitter @lalaurenista.

Click here for previous articles by Wiliams.

Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

What is your e-mail address?

My e-mail address is:

Do you have a password?

Forgot your password? Click here

Washington Technology Daily

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.


contracts DB