Cyber Storm VIII: National Cyber Exercise
Cyber Storm VIII, conducted in March 2022, allowed participants to exercise their incident response plans and identify opportunities for coordination and information sharing. Cyber Storm VIII included more than 2,000 players, who uncovered lessons learned related to common vulnerabilities and the policies, processes, and procedures for recovery from a major cyber incident. Cyber Storm VIII is the eighth iteration of the National Cyber Exercise.
Enhancing Cyber Incident Response Capabilities
The cyber threat landscape continues to expand and advance, requiring public and private sectors to constantly evaluate their cyber incident response capabilities. Building on the outcomes of previous iterations, Cyber Storm VIII examined all aspects of cyber incident response including potential or actual physical impacts of a coordinated cyberattack targeting critical infrastructure. Cyber Storm VIII provided a unique opportunity for organizations to evaluate their internal cyber incident response plans, while coordinating with those at the federal, state, and private sector levels. Together, participants identified areas for growth and improvement to strengthen our national cyber resiliency.
Cyber Storm VIII Quick Facts
Date: Spring 2022
Duration: 3 days of live play
Exercise Stakeholders:
- Federal departments and agencies
- Industry-specific partners from critical infrastructure sectors (e.g., chemical, commercial facilities, communications, critical manufacturing, energy, financial services, healthcare and public health, IT, transportation, water and wastewater systems)
- International
- State and local governments
Cyber Storm VIII Participation
- Cyber Storm VIII included organizations across federal, state, and international governments and the private sector
- Participating organizations worked directly with CISA to understand CISA’s role and capabilities in a cyberattack.
- Participants operated in working groups to meet organization- and sector-specific objectives and improve coordination capabilities through the exercise.
- Participants improved their understanding of current cyber risks, awareness of incident response resources, strengthened relationships with counterparts, and refined communications strategies.
Cyber Storm VIII Goal and Objectives
Cyber Storm VIII was designed to strengthen cybersecurity preparedness and response capabilities by exercising policies, processes, and procedures for identifying and responding to a multi-sector significant cyber incident impacting critical infrastructure.
Cyber Storm VIII specific objectives were to:
- Examine the effectiveness of national cybersecurity plans and policies
- Explore the roles and responsibilities during a cyber incident with potential or actual physical impacts
- Strengthen information sharing and coordination mechanisms used during a cyber incident
- Foster public and private partnerships and improve their ability to share relevant and timely information across partners
Past Highlights
Each Cyber Storm builds on lessons learned from previous real-world incidents, ensuring that participants face more sophisticated and challenging exercises every two years.
Contact
For additional information on Cyber Storm exercises, contact cyberstorm@mail.cisa.dhs.gov.
Final Report
The Cyber Storm VIII Final Report reviews the purpose, scope, planning and execution, scenario, and the significant findings of the exercise.