Training, Security Strategy, Plan, Budget

Small broadband ISAC and Booz Allen ready massive tabletop exercise

(“Fiber Optic Repeater Equipment – Rural Broadband, Cook, Minnesota” by Tony Webster is licensed under CC BY-SA 2.0)

CyberShare, the small broadband providers' information sharing and analysis center, will offer a free tabletop exercise for the industry in December.

The tabletop, to be hosted by Booz Allen Hamilton, was intended to be a one time event. But quickly drawing enough interest that CyberShare and its parent organization, the rural broadband association NTCA, are planning a second date.

"I do think there is this false narrative that the smaller broadband providers are the weak link in the cyber chain and that is not the case," said NTCA vice president of policy, Jill Canfield. "One of the purposes of this event is to bring awareness to the fact that small providers are paying close attention to cybersecurity, and taking it very seriously." And, with this event, the hope is that any company who may have missed something in their response plan can learn from their colleagues about different ways to approach a problem."

Players will be split into a number of teams, giving participants exposure to a wide assortment of planning strategies across the industry.

The tabletop is being sponsored by ACA Connects, Competitive Carriers Association, National Rural Electric Cooperative Association, NRTC, NTCA, the Rural Wireless Association, Telcom Insurance Group, and the Wireless Internet Service Providers Association.

Booz Allen will run their "Breached!" simulation, which the firm says is designed to allow executives of different experience levels to get their hands a little dirty and wade through what a breach might be like.

"With that in mind, this exercise will not be a test. Rather it will be an opportunity for participants to grapple with the typical enterprise considerations that ransomware attacks create for key executive decision-makers, said Howard Foard, principal and director at Booz Allen, a leader with its wargaming and simulations practice.

Rural providers face threats common to the industry, but may have to do so with fewer resources, said Canfield.

"There's really nothing unique about the kinds of threats they would face, or how they would respond to threats. The only thing that's really unique is that they're smaller companies so they have smaller staff, and potentially fewer resources. So it's about making more of an effort to make sure that those resources are used efficiently and effectively," she said.

Wargames allow trainees to build muscle memory in fending off attacks and practice anticipating how attackers may respond, said Foard. The environment is fun but the lessons are immediately applicable.

"Ultimately, we expect the participants will emerge from this experience far more informed of the existential risks and challenges presented by a cyber-attack and equipped with lessons learned that they can begin to implement when they go to work the next day," he said.

Joe Uchill

Joe is a senior reporter at SC Weekly, focused on policy issues. He previously covered cybersecurity for Axios, The Hill and the Christian Science Monitor’s short-lived Passcode website.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.