Cyber Storm 2020: National Cyber Exercise

Cyber Storm 2020, sponsored by the Cybersecurity and Infrastructure Security Agency (CISA), was held in August 2020. Cyber Storm 2020 brought together the public and private sector to simulate response to a cyber crisis impacting the nation’s critical infrastructure. Cyber Storm 2020 was the first Cyber Storm exercise in the distributed virtual environment and included over 2,000 players nationwide participating in three days of live exercise play. Cyber Storm 2020 represented the seventh iteration of the National Cyber Exercise.

View CISA's Cyber Storm 2020 Fact Sheet.

Enhancing Cyber Incident Response Capabilities

The dynamic nature of cybersecurity threats demand continual review and assessment of the nation’s cyber incident response capabilities. Cyber Storm provides a unique venue where aspects of the nation’s critical infrastructure – federal, state, and local entities, along with the private sector owner and operators – can examine collective cyber incident response capabilities with the goal of identifying areas for growth and improvement.

Cyber Storm 2020 focused on:

  • Build upon the outcomes of previous exercises and changes to the cybersecurity landscape;
  • Evaluate and improve the capabilities of the cyber response community;
  • Promote public-private partnerships and strengthen relationships; and
  • Integrate new critical infrastructure partners, while providing an opportunity for Cyber Storm veterans to return.

Cyber Storm 2020 Quick Facts

Date: Summer 2020

Duration: 3 days of live play

Exercise Stakeholders:

  • Federal Departments and Agencies
  • Industry-specific Partners from critical infrastructure sectors such as: Chemical, Commercial Facilities, Communications, Critical Manufacturing, Financial Services, Healthcare and Public Health, Information Technology, and Transportation
  • International
  • State and Local Governments

Cyber Storm 2020 Goal and Objectives

Cyber Storm 2020 was designed to to strengthen cybersecurity preparedness and response capabilities by exercising policies, processes, and procedures for identifying and responding to a multi-sector cyberattack targeting critical infrastructure.

Cyber Storm 2020’s specific objectives were to:

  • Examining the implementation and effectiveness of national cybersecurity plans and policies;
  • Strengthening and enhance information sharing and coordination mechanisms used across the cyber ecosystem during a cyber incident;
  • Reinforcing public and private partnerships and improve their ability to share relevant and timely information; and
  • Exercise communications aspects of cyber incident response to refine and mature communications strategies.

Past Highlights

  • Cyber Storm I, 2006, was the first time the cyber response community came together to examine the national response to cyber incidents.
  • Cyber Storm II, 2008, exercised individual response capabilities and leadership decision making.
  • Cyber Storm III, 2010, focused on response according to national-level framework and provided the first operational test of CISA Central.
  • Cyber Storm IV included 15 building block exercises between 2011 and 2014 to help communities and states exercise cyber response capabilities for escalating incidents.
  • Cyber Storm V, 2016, included more than 1,000 distributed players and brought together new sectors including retail and healthcare participants.
  • Cyber Storm VI, 2018, focused on response an incident affecting to non-traditional IT devices and included new participants from Critical Manufacturing and the Automotive industry.

Final Report

The Cyber Storm 2020 Final Report reviews the purpose, scope, planning and execution, scenario, and the significant findings of the exercise.

Download the Final Report