EXERCISE, PUBLICATION, FACT SHEET

Cyber Storm 2020: National Cyber Exercise

View All Cyber Storm Final Reports
Related topics:
Cybersecurity Best Practices, Critical Infrastructure Security and Resilience

Cyber Storm 2020, sponsored by the Cybersecurity and Infrastructure Security Agency (CISA), was held in August 2020. Cyber Storm 2020 brought together the public and private sector to simulate response to a cyber crisis impacting the nation’s critical infrastructure. Cyber Storm 2020 was the first Cyber Storm exercise in the distributed virtual environment and included over 2,000 players nationwide participating in three days of live exercise play. Cyber Storm 2020 represented the seventh iteration of the National Cyber Exercise.

Enhancing Cyber Incident Response Capabilities

The dynamic nature of cybersecurity threats demand continual review and assessment of the nation’s cyber incident response capabilities. Cyber Storm provides a unique venue where aspects of the nation’s critical infrastructure – federal, state, and local entities, along with the private sector owner and operators – can examine collective cyber incident response capabilities with the goal of identifying areas for growth and improvement.

Cyber Storm 2020 focused on:

  • Building upon the outcomes of previous exercises and changes to the cybersecurity landscape;
  • Evaluating and improving the capabilities of the cyber response community;
  • Promoting public-private partnerships and strengthening relationships; and
  • Integrating new critical infrastructure partners, while providing an opportunity for Cyber Storm veterans to return.

Cyber Storm 2020 Quick Facts

Date: Summer 2020

Duration: 3 days of live play

Exercise Stakeholders:

  • Federal Departments and Agencies
  • Industry-specific Partners from critical infrastructure sectors such as: Chemical, Commercial Facilities, Communications, Critical Manufacturing, Financial Services, Healthcare and Public Health, Information Technology, and Transportation
  • International
  • State and Local Governments

Cyber Storm 2020 Goal and Objectives

Cyber Storm 2020 was designed to strengthen cybersecurity preparedness and response capabilities by exercising policies, processes, and procedures for identifying and responding to a multi-sector cyberattack targeting critical infrastructure.

Cyber Storm 2020’s specific objectives were to:

  • Examine the implementation and effectiveness of national cybersecurity plans and policies;
  • Strengthen and enhance information sharing and coordination mechanisms used across the cyber ecosystem during a cyber incident;
  • Reinforce public and private partnerships and improve their ability to share relevant and timely information; and
  • Exercise communications aspects of cyber incident response to refine and mature communications strategies.

Past Highlights

Each Cyber Storm builds on lessons learned from previous real-world incidents, ensuring that participants face more sophisticated and challenging exercises every two years. 

Review All Cyber Storms

Contact

For additional information on Cyber Storm exercises, contact  cyberstorm@mail.cisa.dhs.gov.

Final Report

The Cyber Storm 2020 Final Report reviews the purpose, scope, planning and execution, scenario, and the significant findings of the exercise.

Resource Materials

Resource Name File Type File Size Language
Cyber Storm 2020 Fact Sheet PDF, 317.60 KB 317.60 KB
Cyber Storm 2020 Final Report PDF, 844.73 KB 844.73 KB

Tags

Audience: Federal Government, Industry, State, Local, Tribal, and Territorial Government
Programs: Cyber Storm: Securing Cyber Space
Topics: Critical Infrastructure Security and Resilience, Cybersecurity Best Practices

Related Resources