The only question that mattered during an RSA Con session on the government's cyberwar game, CyberStorm II was asked by a typical sort of fellow at these things -- " a pony-tailed RSA attendee, presumably a security pro," as InformationWeek described:
"Was there a red team and did they win?"As it turns out, war games typically have a red team – the bad guys – and a blue team – your stalwart defenders of the homeland. According to InfoWeek's Tom Claburn:
Generally speaking, the U.S. government has not been shy when it comes to proclaiming its successes.But shy they were at RSA.
"We don't have a firm answer about winning or losing," said panel moderator Jordana Siegel, acting deputy director at Department of Homeland Security. She however did allow that the exercise had taught everyone a lot.Hmm, that's pretty touchy-feely for a war game.
U.S. CERT's deputy director Randy Vickers insisted that the red team-blue team dynamic didn't quite fit Cyber Storm II. That may be Cyber Storm III. But Cyber Storm II in March was more about getting ready to be tested. It was more about networking, which is to say building interpersonal relationships across organizations among those who may one day face a real cyber crisis.