Prairie Storm: A 3-Day ICS Incident Exercise

Main Stage

In April of 2019, the Nebraska Applied Research Institute (NARI) built and hosted the 3-day live Prairie Storm exercise for a Midwest Power company, their local first responders (their state’s air national guard cyber protection teams) with support and observers from US Cyber Command, and other guard units.

Prairie Storm had real control systems, configured by the utility’s engineers, with real (0-day) attacks, and assessed the real “weapons platform” from US Cyber Command designed for the mission.  We performed a detailed holistic gap analysis for all parties with actionable recommendations they can follow to achieve resiliency of grid operations.

This session will describe the exercise setup as well as the results and lessons learned. Many of the findings are actionable recommendations for the utility world on how to effectively prepare for the eventual cyber incident response scenario and working with a third party to restore operations and remediate the root cause of the incident.

Detection & Response