Six companies from the telecommunications, finance and energy sectors came together this week to host a cyberattack simulation to get a sense of what is — and isn’t — working in their defense strategies.
The big picture: This week’s event marked the first time companies across these three critical infrastructure sectors have hosted a live-action simulation together.
- This cyber simulation was entirely run and hosted by private companies. Typically, the federal government has taken the lead in organizing such simulations.
The intrigue: Companies brought in both their defensive and offensive cyber teams, as well as their IT employees, to experience live attacks on actual networks and laptops provided just for this event.
- The typical tabletop exercise is a discussion between executives about a hypothetical event.
- In this case, offensive teams got to pretend to be malicious hackers trying to break into each others’ companies, meaning participants didn’t have a preplanned simulation to prepare for.
Details: AT&T, Lumen, Mastercard, Morgan Stanley, Southern Co. and Southern California Edison participated in the event, held at AT&T’s Dallas headquarters on Wednesday and Thursday.
- Each team received points whenever they successfully blocked attacks or stole data, depending on what side they were on.
- Jason Lish, chief security officer at telecom provider Lumen, tells Axios the simulation was years in the making, with the pandemic postponing plans for the in-person event until now.
Between the lines: On Thursday, company CISOs met with representatives from the Cybersecurity and Infrastructure Security Agency, the US Secret Service and the Department of the Treasury to discuss their takeaways and how the federal government can better assist companies during these incidents.
- Lish says he wants to see if there’s a way to host similar events with members of CISA’s Joint Cyber Defense Collaborative — a group of companies and federal offices that share cyber threat information with each other.
- Enhancing communication between the government and the private sector during cyberattacks has been a major Biden administration priority.
What they’re saying: “It’s great to see how others react and coordinate and communicate, and you can take from that to update your own protocols and ensure that you’re being as efficient as possible,” Bill O’Hern, global chief security officer at AT&T, tells us. Axios.
What’s next: The companies are now looking at repeating the exercise in the future and at ways to broaden the number of participants.
- Mastercard CISO Ron Green tells Axios he is particularly interested in how they can apply the lessons learned from this to help small to midsize companies, too.
Sign up for Axios’ cybersecurity newsletter Codebook here.