How prepared is the United States to defend against a cyberattack?
We'll soon find out, says Andy Purdy, acting director of the National Cyber Security Division of the country's Department of Homeland Security.
Last week, Purdy oversaw the first large-scale mock cyberattack, aimed at gauging the US' readiness to handle computer-based threats to critical infrastructure.
The weeklong exercise, dubbed Cyber Storm, came three years after the Bush administration signed off on the National Strategy to Secure Cyberspace. Results of the exercise will be made public this summer.
In the meantime, though progress has been made on the US government's strategy for protecting the Internet and securing information systems, the work is not done, a panel of security experts said at the RSA Conference 2006 in San Jose last week.
Purdy was one of the panellists. He sat down with ZDNet UK sister site CNET News.com to discuss the US' preparedness for cyberattacks and what should be done to help defend critical infrastructure.
Q: In a nutshell, can you describe the National Strategy to Secure Cyberspace? What's it all about?
The strategy really told Americans what needs to be done to help secure cyberspace. It articulates high-level priorities for action. At DHS we try to implement those priorities. From that we developed our mission, in collaboration with our public and private partners, to secure cyberspace and America's cyberassets.
What kind of tangible things have actually been achieved over the past three years?
Priority one was to build an effective national cybersecurity response system. I believe we have built that capability. In fact, during last week's Cyber Storm exercise, we tested and worked through communications paths and processes for responding to significant malicious cyberactivity.
The response system, is that the Computer Emergency Response Team, CERT, for example?
It is really a combination of capabilities. Our US-CERT, which is the partnership between DHS and public and private sectors, is the operational piece of what we do to try to prepare for and respond to significant cyberactivity. That's a key component of the cyber response system. What we have done is we have leveraged the capabilities of the US government from a cyberdefence perspective. We brought together the capabilities of situation awareness, response and recovery, so that we can work effectively together to help reduce those cyber-risks.
You mentioned the Cyber Storm exercise you had last week. What does such an exercise entail? Is there an easy way to describe what you do when such a thing goes down? Do you try to mimic an actual attack?
The Cyber Storm exercise included players from government at the federal, state and international level and key private sector participants to work through what would happen if there were significant cyberattacks that disrupted or impacted the energy and transportation infrastructure and targeted federal, state and international governments with the intent of disrupting those government operations. It basically tested and practiced how the different entities would respond...
For more, click here...
