North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Cyber Storm Findings

  • From: Gadi Evron
  • Date: Thu Sep 14 07:59:14 2006

On Thu, 14 Sep 2006 [email protected] wrote:
> A quote from the DHS's recently released report about their Cyberstorm 
> exercise in Feb:
> Finding 3: Correlation of Multiple Incidents between Public and Private 
> Sectors. Correlation of multiple incidents across multiple infrastructures 
> and between the public and private sectors remains a major challenge. The 
> cyber incident response community was generally effective in addressing 
> single threats/attacks, and to some extent multiple threats/attack. 
> However, most incidents were treated as individual and discrete events. 
> Players were challenged when attempting to develop an integrated 
> situational awareness picture and cohesive impact assessment across 
> sectors and attack vectors.
> And a question:
> Do network operators have something to learn from these DHS activities
> or do we have best practices that the DHS should be copying?

On the level of response and mitigation on networks, they have a lot to
learn. On coordinated response and strategic view of situations across
networks, we all definitely can learn from them, only that I don't believe
such issues affect the work of individual network operators to that level.

"Is my network up and running?"

Is the Internet up and running or is my competitor up and running is
secondary until the point where it affects you.

I don't see it as a bad thing, as that's the job description, but that
will become more apparent in the future.

> --Michael Dillon