Internal Communication Needs to
get Better"> "We dont want to get into an actual event and see that we have shortcomings. This is the time to look at those factors in advance," said George W. Foresman, under secretary for preparedness at the DoHS. Among the findings detailed in the report was the conclusion that correlation of multiple incidents across public and private IT infrastructures remains a "major challenge."Test leaders indicated that threat response coordination became more challenging as the volume of cyber-events increased. The group said that interagency communication within the government was acceptable, but needs further refinement, specifically the manner in which different bodies, including the federal governments IIMG (Interagency Incident Management Group) and NCRCG (National Cyber Response Coordination Group), work together. Click here to read about hackers recently jailed for Zotob worm attack. The report said that the contingency planning, risk assessment and definition of roles and responsibilities across the entire cyber-incident response community must solidify. On the positive side, Cyber Storm found that the existing framework between international governments operated efficiently in terms of sharing information about domestic and international cyber-attacks. The report made recommendations for improving performance in future tests, including more cyber-threat training and simulation programs, more services to inform the general public about attacks and new priority planning for dealing with threats as they arrive. In a separate event, Vincent Weafer, senior director of security response at anti-virus market leader Symantec, was one of a panel of experts who testified before the U.S. House Commerce Subcommittee on Telecommunications and the Internet on Sept. 13 about efforts to protect the nations critical infrastructure, economy and consumers in the face of IT-related threats. In an interview with eWEEK after his testimony, Weafer said that he was encouraged by the questions he received from legislators over his talk, which highlighted the need to protect individual organizations and businesses as part of protecting public confidence in IT and online infrastructure. Weafer said that there is the possibility of critical infrastructure going down, but peoples confidence in doing business online is the bigger risk right now. "Theyre worried about online transactions and this is affecting businesses like banks who cannot afford to go back to a brick-and-mortar model," Weafer said. "Its as much about protecting small companies and the effect that their loss of business has on the economy, and looking at short-term outbreaks where people understand that they can be affected by things like natural disasters but what we heard today was encouraging," he said. Check out eWEEK.coms for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEK.com Security Center Editor Larry Seltzers Weblog.
While the cyber incident response community was generally effective in addressing single threats, and some distributed attacks, the DoHS said that most of the tests were treated as individual and discrete events, making it less likely for organizations to share data that could help point to widespread events.