I knew they'd done this with the oil scenario, so not really suprised that they'll work one up for cyber attacks, too.

I think that would be a very interesting room to be in, if one were actually allowed to observe it...  You often wonder how those particular folks would respond to a scenario like that, although because they DO know it's simulation, you've still removed the 'fear' factor of the unknown, in that, while you DO want to show you'll react appropriately, the stress and situational awareness (or lack thereof) in a TRUE attack scenario (where real systems are already down, or compromised, etc,) would be much less 'real' / minimized.

Wonder how much info, if any, the public will actually hear about.  After all, explaining how something like this is handled, publicly, just gives attackers more thought process to try to workaround similar response methodologies, in the event of a real cyber attack.  Assumably, actual 'details' of what are done will not be made public, and we'll only be told that those in the know have decided appropriate actions and behaviors were taken (or not.)

Hey, unsupported!

I definitely wasn't debating the seriousness of the exercise, nor the meaningfulness of the outcome.  Any preparation, even in a less than 'perfect' simulation, is better than none at all.  I'm all for the exercise, just not so sure that making it public knowledge is the best thing, as the public's view of said outcomes / simulations is totally different from those of seasoned security folks, and the general public would likely be much more critical of the process and expected outcomes, even with much less 'informed' knowledge of the procedures and severity.

I'd agree with you, though, as I'd LOVE to see the lessons learned, etc.  Just questioning if the public ever will (or should, for that matter!)

L-O-L!!!  'nuff said!  I'm in full agreement, as it's definitely nicer to come discuss with folks who understand the reality of it, rather than just the hype and 'fantastic'-ness of it all.

If your buddies are involved, definitely keep us posted on this.  I'd really like even a 'mini-synopsis' of the whole ordeal, when they finish it up.

Agreed, fully.  We understand the purpose of the exercises.  It's not about the specific systems, etc, it's about testing leadership and incident response methodology, in general.  

However, as I'd said, general public (not the IT-'informed') might not understand this, to the same degree, and thus, my questioning the public-release nature, even of the event taking place, let alone any detail on the outcomes, beforehand.  I think it might have fared better had they gone through the drill, then after the fact, gone over the results of the response side of things, rather than opening it up, pre-simulation, to scrutiny or 'blind' questions from media, etc.  

From the standpoint of those involved (industry analysts and lawmakers, as well as the folks formerly holding the critical positions,) I fully agree with their perspectives and knowledge being put to use for this, as well as for the lawmakers having opportunity to lend their insight and reasoning to form new policies and the like, in relation to this type of situation.  Mind you, I know I'm being overly cautious / critical, and that ultimately, those in the know will NOT release any data that they shouldn't.  (We are talking about politicians, right?   )  Personally, though, I just don't think it was as wise to open the floor to public media, even just in acknowledgement, this soon, but rather, I'd have waited until after the exercise is concluded, to brief the rest of the world.  (And then, again, only to brief them on generalities, and nothing specific.)  Even though we are NOT talking about specific security and infrastructure systems and the like, directly, even giving a firm understanding of how the TEAM of invididuals works together, in this scenario, allows others to try to manipulate that system, and come up with other means to an end.

Even in penetration testing and security analysis, we often examine our clients' security policies for backup, data handling, incident handling / prevention, etc.  That doesn't mean that if we question any of it, disagree or even agree with it, that we release it to other individuals outside the scope of the testing.  It defeats the purpose of confidentiality, ethics and common sense.  And while yes, this IS the United States' critical infrastructure we are talking about, that doesn't preclude US citizens, some of whom HAVE ill intentions, from using any given data against the system.

Understand, I fully agree with everything stated in this thread, from the nature of the testing and simulation, to the lessened severity of the outcome of simply simulating, and awareness of the results, per se.  And these are FORMER post holders, not present, so there's no guarantee that the responses will be the same as they'd be with the current position holders involved in a real scenario.  However, IF protocol is in place, as it SHOULD be, then 'technically' they should be following set procedures, etc, and those procedures do NOT need to be publicly scrutinized or disclosed, as it's the job of those in the proper positions of authority to adequately understand, react and rectify these types of situations, by procedural guidelines.  (That's the point of this, right, to analyze current procedures and modify / change / better them, to accommodate future changes in technology and methodology, in order to come up with BETTER ones?)

That's my opinion, and again, I fully agree with the rest of the points by myself, unsupported, and Ash Chole.

Again, from the security-realm / world perspective, I'd still be interested in hearing any results of the procedural outcome, so if you hear anything, unsupported, let us know.

LOL...  It'd be nice if war were that simple, even when waged on computers...  But yes, I'd agree with you both, that in the end, the technology of warfare is less likely to be physical, and more logical.  Thus the even greater need to train up and prepare those in our line of work.

To follow the event head over to the following links:

http://twitter.com/BPC_Bipartisan
http://www.bipartisanpolicy.org/events/cyber2010
http://smartgridsecurity.blogspot.com/

Ok, so, one of the first comments I see from officials is about retaliation.  For realz?  What about covering our asses and getting us back up and running?  At least Canadia is taking the hit as well.

Stay up to date, http://twitter.com/BPC_Bipartisan