oecd strategic crisis management workshop, presentation by mr. ulrik keller
DESCRIPTION
This presentation by Mr. Ulrik Keller, Head of section, Danish Emergency Management Agency, was made at the 2014 OECD/Swiss Federal Chancellery Strategic Crisis Management Workshop (12-13 June, Geneva).TRANSCRIPT
National Crisis Management Exercise
Ulrik Keller Centre for Preparedness Planning and Crisis Management Danish Emergency Management Agency
Objectives
• KRISØV has taken place every two years since 2003
• The overall objective is to exercise
and test strategic parts of the national crisis management system
Participants
Multiagency crisis management Organizations Government Security Committee Senior Officials Security Committee National Operational Staff Local Operational Staff (Copenhagen)
Others Energinet.dk Dong Energy Metro NETS Danish Broadcasting Coperation Version2 Computerworld The British Embassy The Norwegian Embassy The Swedish embassy
Agencies Prime Ministers Office Ministry of Defence Ministry of Justice Ministry of Foreign Affairs National Police Danish Emergency Management Agency Danish Security and Intelligence Service Danish Defence Intelligence Service Centre for Cyber Security Danish Health and Medicines Authority Defence Command Denmark Agency for Governmental IT Services Danish Agency for Digitization Danish Energy Agency Danish Veterinary and Food Administration Danish Maritime Authority Danish Geodata Agency Danish Transport Authority Danish Serum Agency Local Police (Copenhagen) The Capital Region of Denmark Municipality of Copenhagen
Total: • 4 Multiagency crisis management organizations
• 23 Agencies (4 ministries) • 7 Private organizations • 3 Embassies
Exercise control
Participants
G-SC
Agencies
Local Operational Staff
National operational staff
Departements
Decentralized Agencies Region/Municipality
S-SC
Ministers
Media Private organizations
Embassy
Injects
Players’ action
(Response cell + media and public cells)
Outcome
The exercise served as a basis for:
• Assessing the effectiveness of the crisis management system
• Identifying recommendations on potential adjustments in order to strengthen the crisis management efforts
• Raising awareness and developing knowledge regarding cyber threats, vulnerabilities, and dependencies within critical societal functions
Priorities for KRISØV 2013
• Coordinated cyber attack
• Derived physical consequences (simulated)
• Fewer, but more comprehensive scenarios
• Unstable and unpredictable situation
Side 7
Mobile phones down Unstable energy supply
Public transport stops
E-mail and internet down
Altering of sensitive data
Netservices not responding
Unauthorized access to sensitive information
Warning systems hacked
Website during the exercise www.krisoev.dk
Practical information, phone book, exercise rules.
Agencies own exercise webpages
Social media
Exercise controlled news media
Media(Participants)
Social media ’Blokken’
3265 ”Tweets”
• Public: 79 %
• Agencies: 12,3 %
• Media: 8,7 %
2. juli 2014 Dette skrives ind i sidehoved / sidefod Side 10
Danish Broadcasting Coperation: News on the net + live radio during the execise
Challenges • Participant = Planning
• Planners don´t have the knowledge on cyberthreats
• Focus on the CYBER incidents
Key factors for succes
• High level strategic ownership (Prime Ministers office)
• Extensive public and media simulation
• Preparatory activities:
– Seminars on cyber threats and cyber security, crisis communications and use of social media
– Get-Ready- for- KRISØV 2013 – Table top exercise “To go”
Lessons identified: Crisis management system The positive:
• National crisis management system can be used to handle a massive cyber attack
• National Operational Staff has good procedures, support and cooperation amongst the participating agencies
• Bilateral cooperation between the cyber agencies were good
Room for improvement:
• The National situation picture
• Some agencies lack knowledge on the role and responsibilities of the cyber agencies
• Crisis communication needs to be coordinated better
Lessons identified: Knowledge on cyber threats The positive:
• Better knowledge on cyber for NON-cyber agencies, who doesn´t work with cyber security on a daily basis
• Better understanding of cyber dependencies
• Better understanding of the derived consequences of a cyber attack
Room for improvement
• More advice from the cyber agencies on cyber threats and cyber security to NON-cyber agencies
• Preparedness plans needs to be updated so they include cyber incidents
Lessons identified: Exercise methodology The positive:
• The 4 recommendations from KRISØV2011 gave a significant boost:
– One big dynamic scenario instead of five small scenarios – Relevant injects for all participant – Further development of media and public response cells – Preparatory activities
Room for improvement
• IT-platform outdated (more server capability)
• Fewer sub-scenarios
error – connection lost