DHS Cyber Storm III Fact Sheet

Dublin Core


DHS Cyber Storm III Fact Sheet


This fact sheet provides background of Cyber Storm, the Cyber Storm III scenario, and provides updates. This fact sheet summarizes Cyber Storm in a very clear, concise way.

Cyber Storm III is the most recent cyberwar exercise and aims to provide a "blueprint" for government and industry workers to follow when cyber attacked in the future. People qualified to protect the United States are not just considered men and women soldiers. Now, those who can sit at computers are called to defend the country. The nation's security plan is changing as "cyber" security becomes more prolific.

The Education and Journalism directories include the Cyber Gaming Collection.


Document Item Type Metadata



The U.S. Department of Homeland Security’s (DHS) Cyber Storm exercise series is part of the Department’s ongoing efforts to assess and strengthen cyber preparedness; examine incident response processes in response to ever-evolving threats, and enhance information sharing among federal, state, international and private sector partners.

The Cyber Storm series simulates large-scale cyber events and attacks on the government and the nation’s critical infrastructure and key resources (CIKR)—so that collective cyber preparedness and response capabilities can be measured against realistic and credible national-level events. DHS’s National Cybersecurity Division (NCSD) is sponsoring the latest installment of the series—Cyber Storm III, which will include thousands of players across government and industry and more than 1,500 injects of data to keep participants on their toes.

Cyber Storm III Scenario
The Cyber Storm III exercise scenario reflects the increased sophistication of our adversaries, who have moved beyond more familiar Web page defacements and Denial of Service (DOS) attacks in favor of advanced, targeted attacks that use the Internet’s fundamental elements against itself—with the goal of compromising trusted transactions and relationships.
The scenario will incorporate known, credible technical capabilities of adversaries and the exploitation of real cyber infrastructure vulnerabilities, resulting in a range of potential consequences—including loss of life and the crippling of critical government and private sector functions.

Throughout the exercise, the goal of exercise players will be to identify, in real time, the ongoing attack and mitigate the compromises and vulnerabilities that allowed it to occur, as well as possible consequences to compromised systems. At its core, the exercise is about resiliency—testing the nation’s ability to cope with the loss or damage to basic aspects of modern life.

What’s New?
Cyber Storm III builds upon the success of previous exercises; however, enhancements in the nation’s cybersecurity capabilities, an ever-evolving cyber threat landscape and the increased emphasis and extent of public-private collaboration and cooperation, make Cyber Storm III unique.

National Cyber Incident Response Plan
Cyber Storm III is the primary vehicle to exercise the newly-developed National Cyber Incident

Response Plan (NCIRP)—a blueprint for cybersecurity incident response—to examine the roles,
responsibilities, authorities, and other key elements of the nation’s cyber incident response and
management capabilities and use those findings to refine the plan.

 Increased Federal, State, International and Private Sector Participation
o Administration-Wide—Seven Cabinet-level departments including Commerce, Defense, Energy, Homeland Security, Justice, Transportation and Treasury, in addition to the White House and representatives from the intelligence and law enforcement communities.
o Eleven States—California, Delaware, Illinois, Iowa, Michigan, Minnesota, North Carolina, New York, Pennsylvania, Texas, Washington, as well as the Multi-State Information Sharing and Analysis Center (ISAC)—compared to nine states in Cyber Storm II.
o 12 International Partners—Australia, Canada, France, Germany, Hungary, Japan, Italy, the Netherlands, New Zealand, Sweden, Switzerland, the United Kingdom—compared to four international partners in Cyber Storm II.
o 50 Percent More Private Sector Partners—We will have 60 private sector companies playing in Cyber Storm III, up from 40 in Cyber Storm II; several will participate on-site with DHS for the first time. DHS worked with representatives from the Banking and Finance, Chemical, Communications, Dams, Defense Industrial Base, Information Technology, Nuclear, Transportation, and Water Sectors as well as the corresponding Sector Coordinating Councils and ISACs to identify private sector participants.

National Cybersecurity and Communications Integration Center Cyber Storm III will be the first opportunity to test the new National Cybersecurity and Communications Integration Center (NCCIC)—which serves as the hub of national cybersecurity coordination and was inaugurated in October of 2009.



Department of Homeland Security, "DHS Cyber Storm III Fact Sheet," in Cyberwar Resources Guide, Item #16, https://www.projectcyw-d.org/resources/items/show/16 (accessed November 28, 2021).