WASHINGTON, USA — The assistant secretary general of the Organization of American States (OAS), Albert Ramdin, noted that cyber attacks are taking place in the region with “frightening frequency, sometimes with far reaching and disastrous consequences,” in his remarks during the inauguration of a subregional cyber security management exercise taking place at the headquarters of the OAS in Washington DC, in which Anne Witkowsky, the acting principal deputy coordinator for the Bureau of Counterterrorism of the United States Department of State, also took part.
Upon opening the exercise, organized by the Inter-American Committee against Terrorism (CICTE) of the OAS, Ramdin said, “The timing of this event is critical,” as there has been an increase in cyber attacks in most OAS member states.
“It is important to remember,” he said, “that these attacks do not discriminate between nations big or small, powerful or not, and can threaten the infrastructure of our nations in unpredictable and undesirable ways. Cyber incidents target all kinds of public and private entities regardless of political social or economic factors. Therefore being unprepared for an attack leaves our societies vulnerable.”
The exercise in responding to cyber security crises, which takes advantage of the OAS mobile crisis simulation laboratory, has three objectives, Ramdin explained. First, it “will test officials’ abilities to analyze and mitigate the effects of a well organized cyber incident targeting various types of critical infrastructure.”
Secondly, the exercise “will test communication mechanisms between countries when responding to cyber incidents,” and finally, it will “foster an exchange of best practices and lessons-learned in responding to cyber threats, both technically and at the policy-level.”
Since the first crisis management exercise (CME), which was organized by the OAS in Miami in 2011, there have been seven more, in various countries throughout the Americas, noted Ramdin. Today, he added, “the world is much different, much more complex, and our exercise has evolved to match those changing realities.”
Among the adjustments made, said the assistant secretary general, are an upgrade of the infrastructure of the mobile lab and the inclusion of policymakers in the exercises, to avoid “disconnect” between policy and technical personnel during crises.
“Cyber threats will continue in this hemisphere,” said Ramdin in his conclusion. “That is a reality which we can accept. The other reality which we have to establish is how we protect ourselves, how we prepare ourselves for that situation.”
The senior OAS official expressed in particular his gratitude to the United States for its support of the program, which he said had made the mobile lab “a meaningful reality.”
For her part, Witkowsky said, “While the United States has seen earlier demonstrations of the cyber security mobile lab, this will be the first opportunity to gain for ourselves some hands on experience with it as exercise participants with you.”
“Partnering with other OAS member states in this first ever regional exercise will be an excellent opportunity for us to explore our own policies and procedures for responding to cyber threats as well as our abilities to collaborate and coordinate responses with our partners in the Hemisphere during a cyber incident,” said Witkowsky, who noted that her country is the target of an ever-increasing number of cyber attacks.
The State Department official commended the OAS and CICTE “for playing such a critical role in the coordination of cyber security initiatives, including capacity building and facilitating regional cooperation,” and said the cyber security program of the Organization “has become a key forum in the Americas for debate and the exchange of ideas about current and future cyber security trends as well as providing practical training. The United States will continue to support this important program and we welcome the commitment of the OAS to support it as well.”
The event brings together nearly 50 participants from 19 OAS member states to take part in not only the crisis management exercises, but also country updates and the sharing of best practices. Participants come from diverse sectors, including computer security incident response team (CSIRT) members, policymakers, communications officers, and security specialists, among others. The event will conclude on Tuesday.