CISA conducts cyber and physical exercises with Federal, State, Local, Tribal, Territorial, private sector, and international partners to enhance security and resilience of critical infrastructure. These exercises provide stakeholders with effective and practical mechanisms to examine plans and procedures, potentially identify areas for improvement, and share best practices. These exercises may also inform future planning, technical assistance, training, and education efforts. CISA offers a suite of free exercise services, resources, and materials.
Exercise Planning and Conduct Services
CISA works with partners to design and conduct exercises that range from small-scale, limited-scope, discussion-based exercises to large-scale, internationally-scoped, operations-based exercises, as well as virtual exercises. To assist stakeholders in developing and revising integrated plans, CISA provides templates, planning workshops, and conducts validation exercises.
Exercises-in-a-Box
CISA has a scenario library and a number of ready-to-use exercise packages – known as exercises-in-a-box - that partners can customize to initiate discussions within their organizations about their ability to address threats. Each package is scalable and includes template exercise objectives, scenario, and discussion questions, as well as a collection of references and resources. Available scenarios cover a broad array of cybersecurity and physical security topics such as natural disasters, industrial control systems, election security, ransomware, vehicle ramming, insider threat, active assailant, and unmanned aerial systems.
The Elections Cyber Tabletop Exercise Package is one example of an exercise-in-a-box. State, local, and private sector partners can use this resource to initiate discussions within their organizations about their ability to address the potential threats to the election infrastructure.
National Exercises
CISA conducts and participates in various national exercises, including Cyber Storm and Tabletop the Vote. Sponsored by CISA, Cyber Storm is the Nation’s most expansive cyber exercise and represents one of the few opportunities for the private sector to come together with all levels of government to address cyber response as a whole community. Cyber Storm 2020 will build on the success and momentum of six prior iterations to help critical infrastructure sector and government participants exercise internal incident response policies and external coordination and information sharing capabilities.
Tabletop the Vote is CISA’s national election cybersecurity exercise. It provides an opportunity for federal partners, state and local election officials, and vendors to identify and share best practices and areas for improvement related to elections security. Tabletop the Vote 2020 is slated for Summer 2020.
To find out more about any of these activities please contact CISA.Exercises@cisa.dhs.gov