[92330] in North American Network Operators' Group
Cyber Storm Findings
daemon@ATHENA.MIT.EDU (Michael.Dillon@btradianz.com)
Thu Sep 14 07:18:13 2006
To: nanog@nanog.org
From: Michael.Dillon@btradianz.com
Date: Thu, 14 Sep 2006 12:19:59 +0100
Errors-To: owner-nanog@merit.edu
A quote from the DHS's recently released report about their Cyberstorm
exercise in Feb:
http://www.dhs.gov/interweb/assetlibrary/prep_cyberstormreport_sep06.pdf
Finding 3: Correlation of Multiple Incidents between Public and Private
Sectors. Correlation of multiple incidents across multiple infrastructures
and between the public and private sectors remains a major challenge. The
cyber incident response community was generally effective in addressing
single threats/attacks, and to some extent multiple threats/attack.
However, most incidents were treated as individual and discrete events.
Players were challenged when attempting to develop an integrated
situational awareness picture and cohesive impact assessment across
sectors and attack vectors.
And a question:
Do network operators have something to learn from these DHS activities
or do we have best practices that the DHS should be copying?
--Michael Dillon
