|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: Cyber Storm Findings
On Thu, 14 Sep 2006 [email protected] wrote: > > A quote from the DHS's recently released report about their Cyberstorm > exercise in Feb: > http://www.dhs.gov/interweb/assetlibrary/prep_cyberstormreport_sep06.pdf > > Finding 3: Correlation of Multiple Incidents between Public and Private > Sectors. Correlation of multiple incidents across multiple infrastructures > and between the public and private sectors remains a major challenge. The > cyber incident response community was generally effective in addressing > single threats/attacks, and to some extent multiple threats/attack. > However, most incidents were treated as individual and discrete events. > Players were challenged when attempting to develop an integrated > situational awareness picture and cohesive impact assessment across > sectors and attack vectors. > > And a question: > Do network operators have something to learn from these DHS activities > or do we have best practices that the DHS should be copying? On the level of response and mitigation on networks, they have a lot to learn. On coordinated response and strategic view of situations across networks, we all definitely can learn from them, only that I don't believe such issues affect the work of individual network operators to that level. "Is my network up and running?" Is the Internet up and running or is my competitor up and running is secondary until the point where it affects you. I don't see it as a bad thing, as that's the job description, but that will become more apparent in the future. > > --Michael Dillon >
|