Regional Energy Critical
Infrastructure Resilience Conference

Exercise Overview

In the initial stages of the August 2003 Blackout in the Northeastern US and Ontario, there was widespread concern that the power outage was the result of a terrorist attack. What if there were another regional incident today and the cause was not known? At the Regional Energy Critical Infrastructure Resilience Conference, Verizon Security Solutions will conduct a tabletop simulation exercise of a mock security incident which is further complicated by targeted or localized cyber-crimes and/or incidents.

This mock security incident exercise will be played out in an all-day series of interactive tabletop sessions for a limited number of participants. The scenario will start with an unknown natural or technological event that causes an interruption of electrical power in the Pittsburgh region. The initial event will be characterized by unreliable or absent power and communications and/or other utilities, with no indication of the root cause or whether the outage may be a prelude to a larger terrorist attack. The participants will not know any further details of the scenario until they are discovered from the playbook during the exercise sessions.

Exercise participants will be assigned to breakout sessions representing specific industries such as utilities, finance, local government, and hospitals. Specific organizational roles will be assigned within these industries to support an incident response plan to continue business operations and work through a recovery strategy. Each breakout group will behave according to its charter and react based on information being disclosed by the industry event Moderator throughout the day. The industries also will be supplied Media reports throughout the day—that you may or may not consider credible.

The goal of the exercise is to explore how different organizations and industries must work together to respond to events based on their organizational mission or needs, and how their actions and decisions could conflict or mesh with the plans of others in their industry or local community. During this event, the industry breakout sessions will be physically separated and only provided scenario details specific to their industry. Participants in each industry group may communicate electronically with the other industries’ participants, but won’t know to what information the other has been exposed—except for the media reports seen by all industries. These events will play out over multiple “virtual” days; participants will need to work together within their industry and in communicate with other industries to attempt to maintain operations and take care of the community, their customers, and staff.

Verizon Security Services has conducted these exercises New York City and Silicon Valley with tremendous success and to the enjoyment of all the participants. Participants will be able to directly apply the insights gained and lessons learned during the day regarding approaches, strategies, processes and techniques to a review of the Computer/Network Incident Response and Business Continuity Planning processes in their own organizations. This exercise should not be missed by anyone involved in or concerned about Information Security, Business Continuity Planning, Incident Response, Crisis and Risk Management, Corporate Security, or Audit.