Jersey’s Cyber Emergency Response Team (CERT) is set to host two cyber incident response exercises, testing the readiness of the island to respond to a major cyber incident.
The first exercise will be Jersey’s first multi-agency response to cyber threats involving local critical national infrastructure providers (CNI) across both the public and private sector. It will be based around a targeted cyber attack scenario developed by global industry body the Information Security Forum (ISF).
This exercise on Monday 29th November will test the ability of Jersey public agencies and service providers including Government, energy, water, ports and telecoms to handle an island-wide issue and work effectively across multiple organisations.
A second event on Tuesday 30th November involving the wider security and business community will see participants working through a fictional scenario to understand how they would respond and how readiness can be improved.
The lessons from both exercises will be detailed in a report by the CERT to be published in early 2022. This will help local organisations to prepare for a cyber incident, and enable them to test their cyber incident response capabilities effectively.
Matt Palmer, Director of CERT, said “Cyber events can have real life consequences – attacks on critical infrastructure such as hospitals, water, energy and transport can be life-or-death as we saw with the ransomware attack on the Irish health service earlier this year.
“They can be used as a political weapon as well as an economic one, and may be backed by nation states, organised crime or activist hackers. The consequences can be significant and costly to an island community.
“By bringing together all our different critical national infrastructure (CNI) organisations to respond to a realistic major incident scenario we will be able to benchmark our cyber readiness, and understand what further actions we need to take to protect the reputation of the island, our economy and our wellbeing.
“The only way to be ready for an incident is to test yourself regularly. This is a critical initiative and one we hope to repeat on a regular basis as we work together to improve Jersey’s cyber response capability.
“The exercises will allow security and business leaders to practice how they would respond in a real life scenario, and to share experience and ideas with other local organisations. The events were heavily oversubscribed, so we will run further events to engage the different levels of preparedness throughout the community. No-one should feel left out.”