Vermont’s disaster prep exercise includes cyber response

Vermont’s disaster prep exercise includes cyber response

Vermont is gearing up for an exercise to test various aspects of cyber defense and disaster response within the state. 

Vigilant Guard will take place from July 27 to Aug. 2.  The exercise will include participants from Vermont municipalities, some local fire incident commanders, most of the hospitals across the state, the Federal Emergency Management Agency, as well as the Vermont’s Division of Emergency Management and Homeland Security, the agency’s director Christopher Herrick, told GCN. 

This is the first time Vermont is participating in an exercise of this scale to test communication systems and procedures. Event organizers want to push the capabilities of participants, Herrick said, to the point that they call for additional resources, such as federal assistance.  Finding the breaking point during the exercise will help state agencies and the National Guard improve responses in the event of a real disaster. 

As part of the Vigilant Guard exercise, the Vermont National Guard will provide a cyber exercise range that will simulate an intrusion within a power distribution network. The eight-hour cyber exercise is designed to test incident response handling and civilian incident command coordination.

While Vigilant Guard will take place in Vermont, the cyber range aspect of the exercise will be a virtualized network that will replicate a power company’s operations network and supervisory control and data acquisition (SCADA) systems, according to a contract solicitation

Cyber ranges provide a safe space to conduct operations without affecting live networks.  “A cyber range is a place where we go to practice our skills just like a rifle range,” Lt. Col. Henry Capello, a member of  the Louisiana Army National Guard and the Cyber Shield 2016 exercise commander, said.  “By having a cyber range we can allow the bad things to happen every day and practice defending [the network]. And because it’s in a range environment, we don’t have to worry about damage to live production systems.”

Other Guard units as well as active duty military and federal agencies have recently participated in similar cyber defense exercises.  Drills that test the communications and interoperability of agencies, systems and personnel -- ranging from government and military agencies to the private sector, which owns the vast majority of the nation’s critical infrastructure -- are imperative disaster preparation.  As several officials have stressed, a national crisis is not the time to be exchanging business cards; all players must be familiar with each other and protocols when an incident occurs. 

About the Author

Mark Pomerleau is a former editorial fellow with GCN and Defense Systems.

inside gcn

  • When cybersecurity capabilities are paid for, but untapped

Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group