By Wilson P. Dizard III
The Homeland Security Department plans to conduct a major
cybersecurity preparedness and response exercise to be called Cyber
Storm in November, a department official said in congressional
Andy Purdy, acting director of DHS' National Cyber Security Division
(NCSD), described Cyber Storm as "a national exercise" during a
hearing that focused largely on the work yet to be done in the
He spoke during a hearing of the Senate Homeland Security and
Governmental Affairs Subcommittee on Federal Financial Management,
Government Information and International Security.
According to written testimony Purdy presented, the division has
worked with the Justice and Defense departments to help form the
National Cyber Response Coordination Group (NCRCG).
"The NCRCG has developed a concept of operations for national
cyberincident response that will be examined in the National Cyber
Exercise, Cyber Storm, to be conducted by NCSD in November 2005 with
public and private-sector stakeholders."
Subcommittee Chairman Tom Coburn (R-Okla.) cited Government
Accountability Office criticism of the department=92s cybersecurity
"Cybersecurity plays an important part in the protection of the
critical infrastructure," Coburn said, adding that his committee
planned to hold additional hearings on the topic.
Coburn advocated improved organizational stability for the
cybersecurity division and said, "I ask that the department build
partnerships with the private sector in the cybersecurity field."
Purdy's testimony focused on DHS' cybersecurity priorities, activities
and plans, but questions from Coburn and other lawmakers focused on
some of the gaps and remaining needs in the arena.
David Powner, director of IT management issues for GAO, highlighted
the shortcomings of DHS' cybersecurity programs.
"Recent attacks and threats have increased the need for cyberdefense,"
Powner said. Noting that "DHS faces many challenges" in implementing
its cybersecurity policy, Powner added, "Although DHS has exerted
effort to address each of the 13 cybersecurity responsibilities it
has, they are incomplete."
He especially emphasized DHS' need to achieve a stable organization.
The division has operated with an acting director since last fall, and
faces an additional reorganization with the creation of an assistant
secretary for cybersecurity and telecommunications slot.
Attend the Black Hat Briefings and
Training, Las Vegas July 23-28 -
2,000+ international security experts,
10 tracks, no vendor pitches.