cyber exercises Team

Jim
Jim is an author of numerous cyber, network and homeland security books, policies, white papers, case studies and articles. He is also a security practitioner and trainer. Jim's areas of expertise are cyber, network and infrastructure security, security policy, secret communications, exercise creation and exercise moderation. Jim's emphasis is on hardening carrier and service provider infrastructure, smart grid continuity of operations, cyber table top exercises and adding cybersecurity components to existing exercises. Jim is an HSEEP certified exercise writer. email

TomT
TomT is a former security architect for an international airport. Tom has worked with DHS, TSA and state agencies on airport and school security projects and is currently engaged in smart grid deployment, resilience and security with major regional and national power grids. TomT has expertise in a wide area of disciplines with an emphasis on cellular and wireless data security, video surveillance and Electro-Magnetic Pulse (EMP)/High Energy Radio Frequency (HERF) weapons. TomT has also consulted with the United States Air Force on detection and electronic disarming of Improvised Electronic Devices (IED). TomT is HSEEP certified as an exercise writer. email

Bruce
Bruce is a former DHS contractor currently working in secure and resilient regional deployment of smart grid technology. Bruce is an owner/operator of a Wireless Internet Service Provider (WISP). Bruces areas of expertise and concentration include hardening, risk mitigation, forensics and response for 802.x and cellular wireless security in government, commercial and residential environments. Bruce also has extensive knowledge in the project management, operations, business and deployment of secure wireless projects. Bruce has an HSEEP certification as an exercise writer. email

Bill
Bill is a former Director of the Air Force Research Institute. He has been a first responder on call-outs ranging from the bombing of the Murrah Federal Building in Oklahoma City to recent work in the Middle East. Bill is a prolific scenario writer whose volumes of work are classified. Bill's expertise and passion is wireless security and related areas. Bill has broad and deep experience in wireless security on a range of devices, wireless risk mitigation, Improvised Explosive Device detection and blocking and EMP/HERF.email

Patrick
Patrick's "day job" is as a chemical engineer in a secure chemical manufacturing facility. Patrick writes a blog and does training and consulting on Chemical Facility Anti-Terrorism Standards (CFATS) that is followed closely by many in the emergency management, homeland security and counter-terrorism areas. Patrick's scenarios are backed up with sound, practical, real-world knowledge of the type that translates directly into actionable insights and information. email

TomG
TomG is a Chief Exercise Designer for a state Emergency Management Agency. While Tom's exercise work covers a broad swath of territory ranging from accidental chemical spills to intentional criminal and terrorist acts he has a great deal of knowledge and experience in natual disasters, management and mitigation and has a strong reputation in flooding scenarios and recovery planning. Tom is an HSEEP senior scenario writer and is a mentor for many of the other scenario writers both in terms of the scenario content but also form and standards. email

Keith
Keith is Emergency Management Coordinator for a mid-sized American city and county. Keith has experience with small urban and rural exercises including a wide range of traditional scenarios and exercises involving both man-made and natural disasters. Keith has day-to-day job responsibility for actual emergency preparedness and brings a strong real-world focus to the cyber exercises team. Keith's emphasis is on exercise structure and content and HSEEP-compliance. Keith is cyber exercises' preferred after action writer or coach. Keith is a senior HSEEP exercise writer. email

Kathy
Kathy recruits persons for individual roles in public cyber exercises. She also assists in facilitation and moderation of exercises. Kathy brings over a quarter of a century of experience to her critical job of selecting the proper individuals to assure the success of public exercises. email

Cal
Cal holds a current CISSP and comes with an outsourcing and cloud services operational background, most recently in a global financial services environment. He is the Cyber Exercises go to guy on policy. Not only was Cal responsible for all policy for the GNN Scenario but Cal socialized the policy among the C-Level Executives, senior managers and practitioners. Cal was also an on-stage participant in the GNN Exercise. email

Ed
Ed is a former US military officer who is very familiar with exercises. Ed supports Cyber Exercises clients in all facets of delivery of cybersecurity exercises. Ed is a CISSP and is very highly regarded in the security community. Ed was an on-stage participant in the GNN Exercise. email

Mark
Mark is a former US military officer and former CISO for the White House. Cyber Exercises clients especially like Mark's insightful twists and keen insights. Mark is heavily involved in cyberdefense and cyberoffense strategy. Mark was an on-stage participant in the GNN Exercise. email

Contact Information
cyber exercises
PO Box 28735
Atlanta, Georgia 30358-0375
Email: info@cyberexercises.com

Phone: (770) 984-5800

Welcome to cyber exercises

Cyber exercises provides expertise in the creation, collaboration and execution of table top and live action exercises which are entirely cyber-specific or which have cyber components. Our expertise ranges from phyical security and surveillance to chemical facilities to ports and airports to smart grid and many other areas.

While cyber exercises takes pride in the number of different types of passports and security clearances our members hold, or have held, we make a point that our efforts have been nearly 100% within the "lower 48" US states. We are working to assist agencies, organizations, associations and enterprises to protect the homeland on US soil using a combination of US-sourced knowledge and expertise and cultural, religious, ideological and technical expertise gained "over there" but put to use to create realistic scenarios, exercises and knowledge transfer opportunities "over here". We also have global visibility to the latest network and social engineering exploits through our large network of contacts working behind the scenes in a wide range of operational areas.

PUBLIC EXERCISES

Public exercises are created and executed for conferences, associations and management groups with little or no security or clearances. Therefore they are available to a wider audience without security checks. Though they contain less detailed operational intelligence they are, nonetheless, very targeted and of high value to the subject organizations. In many cases there will be a more secure HSEEP version of the exercise.

Master Collaboration Portal: MASTER PORTAL

[SCHOOL] High school, hostages, social engineering, warchalking, Wireline Equivalent Privacy (WEP), IEEE 802.11 wireless networks, WiFi Protected Access (WPA, WPA2), Temporal Key Integrity Protocol (TKIP), video, surveillance, Internet, Internet security
     Status: Public/Closed
     Exercise Program Guide (EPG-editable .doc): SCHOOL EPG
     Collaboration Portal: SCHOOL Scenario
     After-Action Report: Available / Confidential (FOUO)
     Request AAR: SCHOOL Scenario AAR Request

[PUBLIC] Encryption, Facebook, Social Networking, MySpace, Google, LinkedIn LinkedIn, Pretty Good Privacy (PGP), PSAP Bombing, SWATTING, Public Switched Telephone Network (PSTN), Skype, Steganography, Twitter, Tweets, YouTube
     Status: Public/Closed
     Exercise Program Guide (EPG-editable .doc): PUBLIC EPG
     Collaboration Portal: PUBLIC Scenario
     After-Action Report: Available / Confidential (FOUO)
     Request AAR: PUBLIC Scenario AAR Request

[INFRASTRUCTURE] 2G Wireless, Global System for Mobile (GSM), SMS, text messages, 3G Wireless, Amplitude Modulated (AM) Radio, Analog Television, Digital Television (DTV), Cable TV, (Optical) Fiber, Frequency Modulation (FM) Radio, Mesh Wireless, Metro Fiber, Microwave Radio, Multimode Optical Fiber, Supervisory Control And Data Acquisition (SCADA), Single Mode Optical Fiber, Wireless Local Loop (WLL), Plain ol' Telephone Service (POTS), CMDA. WiFi, WiMAX, IEEE 802.16, Broadband Wireless Access.
     Status: Public/Closed
     Exercise Program Guide (EPG-editable .doc): INFRASTRUCTURE EPG
     Collaboration Portal: INFRASTRUCTURE Scenario
     After-Action Report: Available / Confidential (FOUO)
     Request AAR: INFRASTRUCTURE Scenario AAR Request

[GNN] High Energy Radio Frequency, HERF, HERF Weapons, Electro-Magnetic Pulse, EMP, EMP weapons, broadcasting, HVAC, social engineering, business continuity, backup plan, ideological motivation, terrorist cells, secret communication, encryption, steganography, VoIP.
     Status: Public/Open
     Exercise Program Guide (EPG-editable .doc):
     Collaboration Portal: GNN Scenario
     After-Action Report: Not Available
     Request AAR: GNN Scenario AAR AVAILABLE 11/15/2012

Private exercises have either been created by cyber exercises under stringent security guidelines, and often contain sensitive information, or cyber exercises has facilitated the scenario creation and/or collaboration process for another organization who has requested that the scenario be kept private.

[MEDICAL] Encryption, HIPAA, senator, political, press, leaks, wireless, 802.11, WEP, WEP crack, VNS, hospital, campus.
     Status: Private/Closed
     Exercise Program Guide (EPG-editable .doc): NOT AVAILABLE
     Collaboration Portal: PRIVATE
     After-Action Report: NOT AVAILABLE
     Request AAR: NOT AVAILABLE

[PIPELINE] Command and control, SCADA, video, video surveillance, RFP, radio fingerprinting, suspicious activity reporting, SAR, hacking, radio frequency forensics.
     Status: Private/Closed
     Exercise Program Guide (EPG-editable .doc): NOT AVAILABLE
     Collaboration Portal: PRIVATE
     After-Action Report: NOT AVAILABLE
     Request AAR: NOT AVAILABLE

[STOCK] wikipedia, records falsification, pump and dump, crowd psychology, automated stock trades, insider information, dun & bradstreet, standard and poors, SEC, Securities and Exchange Commission.
     Status: Private/Closed
     Exercise Program Guide (EPG-editable .doc): NOT AVAILABLE
     Collaboration Portal: PRIVATE
     After-Action Report: NOT AVAILABLE
     Request AAR: NOT AVAILABLE

[REPURPOSE] Heavy machinery theft, backhoe, frontloader, Craig's list, ATM, automatic teller machine, ATM theft, ATM breach, ATM robbery, terrorist funding, organized crime, ATM security, ATM vulnerabilities.
     Status: Private/Closed
     Exercise Program Guide (EPG-editable .doc): NOT AVAILABLE
     Collaboration Portal: PRIVATE
     After-Action Report: NOT AVAILABLE
     Request AAR: NOT AVAILABLE

[AIRPORTHERF] High Energy Radio Frequency, HERF, HERF Weapons, Electro-Magnetic Pulse, EMP, EMP weapons, business continuity, backup plan, ideological motivation, terrorist cells, airport security, perimeter security, security buffer, secure perimeter, RF forensics, HERF sensors, HERF forensics.
     Status: Private/Closed
     Exercise Program Guide (EPG-editable .doc): NOT AVAILABLE
     Collaboration Portal: PRIVATE
     After-Action Report: NOT AVAILABLE
     Request AAR: NOT AVAILABLE

[MOTORCADE] Encryption, scanning, radio fingerprinting, radio profile, Global Positioning System, GPS, Google Earth, IP location, geolocation, IP address location. Secret Service, motorcade, dignitary, dignitary protection, airport security, hotel security, security in transit.
     Status: Private/Closed
     Exercise Program Guide (EPG-editable .doc): NOT AVAILABLE
     Collaboration Portal: PRIVATE
     After-Action Report: NOT AVAILABLE
     Request AAR: NOT AVAILABLE