PAXsims

Conflict simulation, peacebuilding, and development

Daily Archives: 30/09/2021

Dstl: Diversity on the virtual battlefield

Dstl has highlighted their commitment to diversity and inclusion in professional wargaming with a new video and accompanying article.

Dstl Head of the Defence Wargaming Centre (DWC) Mike said:

The first step is to recognise the issue and to commit to do something about it.

The Derby House Principles were co-created by a Dstl wargamer and Dstl – all of Dstl, not just the wargaming centre – was an early signatory.

We are committed to ensuring the Defence Wargaming Centre is an inclusive environment. We display the Derby House Principles prominently in the DWC and brief them to players at our games in order to make clear that we are an inclusive environment. We include diversity and inclusion in our training and development.

He went on to say they were looking at the barriers to diversity and inclusion in how we design our games and are seeking to address them. And we encourage our partners to value diversity and inclusion – including encouraging them to update their software to represent more diverse armed forces.

Slitherine Software adopted the Derby House Principles in September.

NARUC Cybersecurity Tabletop Exercise Guide

In September 2020, the National Association of Regulatory Utility Commissioners, with the support of the US Department of Energy, published a Cybersecurity Tabletop Exercise Guide.

Public utility commissions (PUCs) are responsible for ensuring adequate, safe, and reliable utility services at reasonable rates. As such, they need to know that jurisdictional utilities’ cybersecurity risk management plans and practices—put in place to mitigate cybersecurity vulnerabilities, counter malicious cyber threats, and rapidly respond and recover from successful attacks—are comprehensive and effective. Exercises are useful for this purpose.

Exercises provide opportunities for participants to demonstrate and assess capabilities in specific areas of interest, including cybersecurity risk management. They also facilitate coordination and help clarify organizational roles and responsibilities.

This Tabletop Exercise (TTX) Guide steps PUCs through the process of creating and executing an exercise specifically designed to examine capacities and capabilities to plan for, respond to, and recover from a cybersecurity incident involving critical energy infrastructure. It complements other resources in NARUC’s Cybersecurity Manual, particularly Understanding Cybersecurity Preparedness: Questions for Utilities, and the Cybersecurity Preparedness Evaluation Tool.1 Coupled with the TTX Guide, these tools comprise a structured, process-driven approach to identifying, assessing, and testing the efficacy of utilities’ cyber risk management plans and practices. This knowledge helps commissions identify cybersecurity gaps, spur utilities’ adoption of additional mitigation and response strategies, and encourage improvements.

Part I details the steps to plan and execute a TTX. Part II reviews the steps required to conduct a seminar-based exercise.2 TTXs are discussion based, typically led by a facilitator who guides participants through one or more scenarios for the purpose of testing the thoroughness and efficacy of relevant plans, processes, and procedures. This format is well suited for commissions’ objective assessment of utilities’ cybersecurity preparedness as well as their own cyber incident response capabilities. Seminars, which are also discussion-based exercises, typically examine a single procedure within a larger plan or a single step in a multistep process.

The exercise guide can be found at the link above. The fuller cybersecurity manual can be found here.

%d bloggers like this: