Companies from the energy, finance and telecommunications sectors came together last week to compete on their cyber defense skills, a match that participants said was the first fully organized tri-industry exercise. by the private sector.
Southern Power Companies Co.
and Southern California Edison, telecom operators AT&T Inc.
and Lumen Technologies Inc.,
and Mastercard Inc.
and Morgan Stanley participated in the two-day Cyber Defense Exercise, or CDX, hosted by AT&T at its Dallas headquarters.
Rather than a typical “tabletop” exercise, where executives play out a crisis scenario, the event pitted teams of cyber specialists from each company against each other in a no-holds-barred showdown of cyber skills, said Ron Green, chief security officer. at MasterCard.
“This is the new civil protection. Our infrastructure is the critical infrastructure for the country, so we have to exercise it, we have to test ourselves,” Green said.
Each company brought two teams to the CDX: a blue team, specializing in securing digital barricades, and a red team, launched to find loopholes in those defenses and break in.
All players worked from the same set of tools and on Mastercard’s “cyber range”, which simulates computer networks for cyber drills.
Teams were then scored on their performance; Mr Green declined to say who the highest or lowest ranked players were.
The US government has urged companies to do more to improve their cybersecurity, including tests such as the CDX to improve defenses, following a series of cyberattacks and data breaches at businesses of all sizes in recent years. years.
Owners of critical infrastructure, in particular, are under pressure to improve defenses after the government warned that Russia’s war in Ukraine, among other geopolitical eruptions, could lead to cyberattacks on key US companies.
Cyber drills within industries have been taking place for years, but most have been organized either by the government or by public institutions, such as the Bank of England’s Waking Shark drills, or by sharing bodies industry-specific news or trade associations, including the Industry and Financial Markets Association’s biennial Quantum Dawn Securities Event.
“This is the new civil protection. Our infrastructure is the essential infrastructure for the country, so we have to exercise it, we have to test ourselves.”
But Bill O’Hern, chief security officer at AT&T, said multi-industry drills, like the one last week, were also needed.
“We do a lot of public-private exercises, and we have a lot of interactions within sectors, but we thought there was a place for cross-sector exercises like this,” he said.
The finance, energy, and telecommunications sectors already had cybersecurity ties with each other prior to the event, having been part of sector coordination councils established for intelligence sharing and other efforts among operators. critical infrastructure. Planning for the event began in 2019, said Jason Lish, chief security officer at Lumen, but was delayed by the Covid-19 pandemic.
“Some of these people had never interacted in person. So it was the first time, even within companies, that teams could come together,” he said. Having a personal connection will be useful if a true cyber incident occurs and involves all three sectors, he added.
Observers at the event included representatives from the Treasury Department, Secret Service and the Cybersecurity and Infrastructure Security Agency, as well as Dallas city officials, Lish said.
Participants said they hoped the exercise would be repeated with new participants from other sectors, although they are reviewing last week’s event before planning the next one. They all agreed, however, that such events are critical to cybersecurity.
“The collaboration, the sharing, the understanding, the relationships, all of that is hugely beneficial” in responding to a crisis, Mr. O’Hern said. “When we defend national infrastructure, we must work together to do so.”
Write to James Rundle at email@example.com
Copyright ©2022 Dow Jones & Company, Inc. All rights reserved. 87990cbe856818d5eddac44c7b1cdeb8