Garrett College and First United Bank Partner to Facilitate Simulated Cyber Disaster Exercise



On Thursday, April 27, 2017, Garrett College hosted a training event in collaboration with partner First United Bank that simulated a cybersecurity incident, using a device called a Virtual Table Top exercise (VTTX). The exercise was offered by the Integrated Emergency Management Branch of Department of Homeland Security (DHS)/Federal Emergency Management Agency (FEMA)/Emergency Management Institute, and was just one of a series of monthly exercises using a video teleconference platform to reach community-based training audiences around the country and provide a virtual forum for disaster training. Several other organizations from the Garrett County community sent representatives to participate or simply observe the exercise. The college’s partner in the exercise, First United Bank, acted as the facilitator and sponsored a buffet lunch for all parties prepared by Goehringer’s Catering.  In all, roughly twenty individuals from First United Bank, Garrett County Department of Technology and Communications (DoTCom), Garrett County Community Action, a visiting cybersecurity professor from Allegany College of Maryland, as well as faculty, staff and students from Garrett College attended the round-table event, held in the Mac lab classroom of the Cybersecurity suite. The goal of the exercise was to raise awareness of cyber risk management, cyber-related planning, and other issues related to cyber incident prevention, protection, and response.

The VTTX contained three multi-media, facilitated modules, each one designed to simulate a separate stage of a cyber-threat incident. A half-hour offline discussion session at each of the participating locations followed the presentation of each module of the scenario, with the individual locations coming back online to present their responses for the entire VTTX group before moving to the next module. Module One/’Preparation’ focused on establishing cyber incident response capabilities and preventing cyber incidents. Module Two/’Detection and Analysis’ focused on identifying initial indicators of a cyber-incident, as well as analyzing and validating the incident. Module Three/’Containment, Eradication, and Recovery’ focused on limiting damage from the incident and remediation actions.  The round table format of the room facilitated and resulted in a “no-fault” learning environment where the varied levels of knowledge, capabilities, plans, systems, and policies were shared between members of each organization. All participants agreed that the value of sharing knowledge that impacts every industry and discipline in such a dynamic technological climate -- regardless of the size of the network-- is immeasurable, and one significant outcome of the exercise was the consensus that more local and regional collaboration within the information technology industry is desired. The exercise concluded with a ‘hot wash’ discussion of the ideas and issues that emerged from the event. Participants and the facilitators completed feedback forms to assist the EMI VTTX program manager compile an After Action Report (AAR) which participants will receive for review upon completion. This was the first such FEMA VTTX attended by all participants aside from First United Bank, and all members of the exercise were able to recognize both strengths and opportunities for remediation in their organizations’ current cyber hygiene regimen.

More information about the FEMA-Emergency Management Institute series of Virtual Table Top Exercises can be found at: https://training.fema.gov/programs/emivttx.aspx.