Cyber Guard 2016 Seeks to Manage Complexity in Invisible Domain
By Karen Parrish DoD News, Defense Media Activity
SUFFOLK, Va., June 18, 2016 – Between 1 million and 10 million U.S. homes and businesses are without power. An oil spill from a near-shore refinery is gushing into the waters off Texas and Louisiana. The port of Los Angeles is shut down due to a network outage.
Visitors to exercise Cyber Guard 2016 here viewed mock newscasts detailing these scenarios as examples of the likely effects of a massive cyberattack.
Navy Adm. Michael S. Rogers commands U.S. Cyber Command and also directs the National Security Agency and serves as chief of the Central Security Service. He spoke June 16 to exercise visitors, explaining that training to meet cyber threats has advanced since the first Cyber Guard exercise in 2012.
Government, Industry, Foreign Partners Participate
The Joint Chiefs of Staff's facility here is hosting the nine-day exercise, which concludes today. This year's Cyber Guard brought together about 800 participants from 100 organizations. Representatives are here from the Department of Homeland Security, the Defense Department, the FBI, the Federal Aviation Administration and other government agencies, as well as power companies, port facilities, allied foreign partners including Australia, Canada and the United Kingdom, and 10 National Guard teams representing 13 states.
The exercise scenario reaches into banking, corporate profits and other business concerns most vulnerable to internet denial. The goal in working through this simulated environment is to build resilience while emphasizing that no one single nation or organization can stand alone against cyber threats, Rogers said.
"I believe it's our ability to team together that's going to help our nation and the broader coalition … deal with these challenges. … Every single one of us is going to have to be dealing with this," the admiral told the exercise visitors.
Upping the Training Game
Planners "invested a good bit of time and effort" in planning the "opposing force" aspect of this year's exercise, Rogers said. The opposing force serves as the notional "enemy," with the goal of pressuring the "blue teams," the defending force, to the point of failure.
"We really wanted to up the game," he said. "There is no script, per se, for this exercise; there is a broad set of objectives. Then we watch organizations' capabilities come into contact with each other, and the perspective that participants bring, and we work our way through a problem set."
The top objective for the exercise is to learn, the admiral said. "To learn, you must be willing to fail, because I will accept failure in an exercise" Rogers said. "But, guys, we can't fail when it comes to the real world."
Cyber Guard is part of a suite of annual exercises aimed at preparing critical defense and economic sectors to deal with cyber threats. Each set of exercises builds on the previous year's, with the training population constantly expanding, he noted.
"This is our seed corn for the future," Rogers said. He noted that the service members assigned to Cybercom view themselves as "the warriors of the 21st century."
Value and Takeaways
A United Kingdom exercise participant spoke to DoD News about her Cyber Guard experience. Maj. Hannah Frost of the British army said her team has been to three Cyber Guard exercises and had "slightly different objectives" for the 2016 event.
The Royal Air Force, Royal Navy and a joint cyber unit joined together this year, she said, "to actually allow more developmental learning."
While her team's focus was "definitely technical operator-level skills," she said, "what we actually found is that we've gotten a lot more than that out of it."
Her team incorporated and emphasized intelligence analysis into its exercise play, and the greater focus on intelligence is something "we might want to take back into the U.K.," Frost said. A three-star U.K. officer visited the exercise, she said, "and he's interested in us reporting back to him about what we've learned."
Exercises such as Cyber Guard are "absolutely critical" for U.K. forces, she said, and "we keep coming back, because we keep learning things."
|Join the GlobalSecurity.org mailing list|