Towards a Successful Exercise Implementation – A Case Study of Exercise Methodologies
The entire world faces various threats, with a significantly increasing rate. These threats are associated with international terrorism, natural catastrophes, power cuts due to cyber-attacks etc. Without doubt there is a need that an industrial or critical infrastructure should be prepared to face such threats. There exist several methodologies which give guidelines on how to organize and implement an exercise to address these threats at various time instances. After a short description of some of these methodologies, this paper investigates whether they are compliant with the standard ISO. Also, this paper proposes appropriate changes in order for these methodologies to be compliant with the standard and, thus, to become more effective.
KeywordsExercises Methodologies Training Critical infrastructure Tabletop exercise Operational exercise Functional exercise Exercise roles Exercise life-cycle Evaluation
The publication of this paper has been partly supported by the University of Piraeus Research Center.
- 1.Carrel, L.F.: Leadership in Krisen. Ein Handbuch für die Praxis, Bern, p. 23 (2004)Google Scholar
- 2.ENISA Report: Good practice guide on national exercises - enhancing the resilience of public communications networks. http://www.enisa.europa.eu/activities/Resilience-and-CIIP/cyber-crisis-cooperation/cce/cyber_exercises/national-exercise-good-practice-guide (2009). Accessed 30 Jan 2015
- 3.ENISA Report: ENISA threat landscape 2014. http://www.enisa.europa.eu/activities/risk-management/evolving-threatenvironment/enisa-threat-landscape/enisa-threat-landscape-2014 (2015). Accessed 30 Jan 2015
- 4.HERMES OEx: Guidelines for the organisation of exercises. www.hermesoex.ch (2004). Accessed 30 Jan 2015
- 5.HERMES: Management and execution of projects in information and communication technologies. www.bbl.admin.ch/bundespublikationen (2004). Accessed 30 Jan 2015
- 6.ISO/IEC: 22398 Societal security — guidelines for exercises and testing. http://www.iso.org
- 7.MSB: Guide to Increased Security in Industrial Control Systems (2010). ISBN: 978-91-7383-089-8Google Scholar
- 8.MSB: Handbook – Evaluation of Exercises (2011). ISBN 978-91-7383-127-7Google Scholar