Cyber Storm is the Cybersecurity and Infrastructure Security Agency’s (CISA) national-level cyber exercise that brings together the public and private sector to simulate response to a cyber crisis impacting the nation’s critical infrastructure. The exercise is designed to assess cybersecurity preparedness and examine incident response processes, procedures, and information sharing. It provides a venue for players to simulate the discovery of and response to a widespread coordinated cyberattack without the consequences of a real-world event. With more than 1,000 players nationwide participating in three days of live exercise play, Cyber Storm is the nation’s most extensive cybersecurity exercise series. Cyber Storm 2020 represents the seventh iteration of the National Cyber Exercise.
View CISA's Cyber Storm 2020 Fact Sheet.
Enhancing Cyber Incident Response Capabilities
The dynamic nature of cybersecurity threats demand continual review and assessment of the nation’s cyber incident response capabilities. Cyber Storm provides a unique venue where aspects of the nation’s critical infrastructure – federal, state, and local entities, along with the private sector owner and operators – can examine collective cyber incident response capabilities with the goal of identifying areas for growth and improvement.
Cyber Storm 2020 will:
- Build upon the outcomes of previous exercises and changes to the cybersecurity landscape;
- Evaluate and improve the capabilities of the cyber response community;
- Promote public-private partnerships and strengthen relationships; and
- Integrate new critical infrastructure partners, while providing an opportunity for Cyber Storm veterans to return.
Cyber Storm 2020 Quick Facts
Date: Summer 2020
Duration: 3 days of live play
- Federal Departments and Agencies
- Industry-specific Partners from critical infrastructure sectors such as: Chemical, Commercial Facilities, Communications, Critical Manufacturing, Financial Services, Healthcare and Public Health, Information Technology, and Transportation
- State and Local Governments
Cyber Storm 2020 Goal and Objectives
Cyber Storm 2020’s primary goal is to strengthen cybersecurity preparedness and response capabilities by exercising policies, processes, and procedures for identifying and responding to a multi-sector cyberattack targeting critical infrastructure.
Cyber Storm 2020’s specific objectives include:
- Examining the implementation and effectiveness of national cybersecurity plans and policies;
- Strengthening and enhance information sharing and coordination mechanisms used across the cyber ecosystem during a cyber incident;
- Reinforcing public and private partnerships and improve their ability to share relevant and timely information; and
- Exercise communications aspects of cyber incident response to refine and mature communications strategies.
- Cyber Storm I, 2006, marked the first time the cyber response community came together to examine the national response to cyber incidents.
- Cyber Storm II, 2008, exercised individual response capabilities and leadership decision making.
- Cyber Storm III, 2010, focused on response according to national-level frameworks and provided the first operational test of the National Cybersecurity and Communications Integration Center (NCCIC).
- Cyber Storm IV included 15 building block exercises between 2011 and 2014 to help communities and states exercise cyber response capabilities for escalating incidents.
- Cyber Storm V, 2016, included more than 1,000 distributed players and brought together new sectors, including retail and healthcare participants.
- Cyber Storm VI, 2018, focused on response an incident affecting to non-traditional IT devices and included new participants from Critical Manufacturing and the Automotive industry.
The Cyber Storm 2020 Final Report reviews the purpose, scope, planning and execution, scenario, and the significant findings of the exercise.