This presentation by Mr. Ulrik Keller, Head of section, Danish Emergency Management Agency, was made at the 2014 OECD/Swiss Federal Chancellery Strategic Crisis Management Workshop (12-13 June, Geneva).
CBO’s Recent Appeals for New Research on Health-Related Topics
OECD Strategic Crisis Management Workshop, presentation by Mr. Ulrik Keller
1. National Crisis Management Exercise
Ulrik Keller
Centre for Preparedness Planning and Crisis Management
Danish Emergency Management Agency
2. Objectives
• KRISØV has taken place every two
years since 2003
• The overall objective is to exercise
and test strategic parts of the
national crisis management system
3. Participants
Multiagency crisis management
Organizations
Government Security Committee
Senior Officials Security Committee
National Operational Staff
Local Operational Staff (Copenhagen)
Others
Energinet.dk
Dong Energy
Metro
NETS
Danish Broadcasting
Coperation
Version2
Computerworld
The British Embassy
The Norwegian Embassy
The Swedish embassy
Agencies
Prime Ministers Office
Ministry of Defence
Ministry of Justice
Ministry of Foreign Affairs
National Police
Danish Emergency Management
Agency
Danish Security and Intelligence
Service
Danish Defence Intelligence
Service
Centre for Cyber Security
Danish Health and Medicines
Authority
Defence Command Denmark
Agency for Governmental IT
Services
Danish Agency for Digitization
Danish Energy Agency
Danish Veterinary and Food
Administration
Danish Maritime Authority
Danish Geodata Agency
Danish Transport Authority
Danish Serum Agency
Local Police (Copenhagen)
The Capital Region of Denmark
Municipality of Copenhagen
Total:
• 4 Multiagency crisis management
organizations
• 23 Agencies (4 ministries)
• 7 Private organizations
• 3 Embassies
4. Exercise control
Participants
G-SC
Agencies
Local Operational Staff
National operational staff
Departements
Decentralized Agencies
Region/Municipality
S-SC
Ministers
Media
Private organizations
Embassy
Injects
Players’ action
(Response cell + media and public cells)
5. Outcome
The exercise served as a basis for:
• Assessing the effectiveness of the crisis management
system
• Identifying recommendations on potential adjustments in
order to strengthen the crisis management efforts
• Raising awareness and developing knowledge regarding
cyber threats, vulnerabilities, and dependencies within
critical societal functions
6. Priorities for KRISØV 2013
• Coordinated cyber attack
• Derived physical consequences
(simulated)
• Fewer, but more comprehensive
scenarios
• Unstable and unpredictable
situation
7. Side 7
Mobile phones down
Unstable energy supply
Public transport stops
E-mail and internet down
Altering of sensitive data
Netservices not responding
Unauthorized access to sensitive information
Warning systems hacked
8. Website during the exercise
www.krisoev.dk
Practical information, phone
book, exercise rules.
Agencies own exercise
webpages
Social media
Exercise controlled
news media
Media(Participants)
10. 2. juli 2014
Dette skrives ind i sidehoved / sidefod
Side 10
Danish Broadcasting Coperation:
News on the net + live radio during the execise
11. Challenges
• Participant = Planning
• Planners don´t have the knowledge on
cyberthreats
• Focus on the CYBER incidents
12. Key factors for succes
• High level strategic ownership (Prime Ministers
office)
• Extensive public and media simulation
• Preparatory activities:
– Seminars on cyber threats and cyber security,
crisis communications and use of social media
– Get-Ready- for- KRISØV 2013
– Table top exercise “To go”
13. Lessons identified: Crisis management system
The positive:
• National crisis management system can be used to handle a
massive cyber attack
• National Operational Staff has good procedures, support and
cooperation amongst the participating agencies
• Bilateral cooperation between the cyber agencies were good
Room for improvement:
• The National situation picture
• Some agencies lack knowledge on the role and
responsibilities of the cyber agencies
• Crisis communication needs to be coordinated better
14. Lessons identified: Knowledge on cyber threats
The positive:
• Better knowledge on cyber for NON-cyber agencies,
who doesn´t work with cyber security on a daily basis
• Better understanding of cyber dependencies
• Better understanding of the derived consequences of a cyber
attack
Room for improvement
• More advice from the cyber agencies on cyber threats and cyber
security to NON-cyber agencies
• Preparedness plans needs to be updated so they include cyber
incidents
15. Lessons identified: Exercise methodology
The positive:
• The 4 recommendations from KRISØV2011 gave a significant
boost:
– One big dynamic scenario instead of five small scenarios
– Relevant injects for all participant
– Further development of media and public response cells
– Preparatory activities
Room for improvement
• IT-platform outdated (more server capability)
• Fewer sub-scenarios