Blue Cascades III, was held in March, 2006, it is the third in a series of infrastructure interdependencies tabletop exercises focused on the Pacific Northwest and developed and conducted by regional public and private sector organizations themselves.

 

The first Blue Cascades, held in Portland, Oregon in June 2002, was conducted under the auspices of the newly created Pacific Northwest Partnership for Regional Infrastructure Security and sponsored by the U.S. Department of the Navy’s Critical Infrastructure Protection Office, FEMA Region 10, and the Canadian federal government. The exercise centered on raising awareness of interconnections among the region’s critical infrastructures and resulting vulnerabilities associated with largely physical attacks and disruptions.

 

Blue Cascades II, held in Seattle in September 2004, was sponsored by King County , the U.S. Department of Homeland Security’s National Cyber Security Division, Puget Sound Energy, Microsoft, and TransCanada. Blue Cascades II centered on cyber events to meet stakeholder needs to learn more about cyber threats, disruptions, and impacts.

 

Blue Cascades I and II were facilitated and hosted by the Pacific NorthWest Economic Region (PNWER), a state-chartered consortium of five states and three Canadian jurisdictions. PNWER will reprise this role for the third Blue Cascades exercise with the support of DHS/NCSD, Public Safety and Emergency Preparedness Canada (PSEPC), and interested regional stakeholders.

 

Previous Blue Cascades participants, particularly regional utilities, have continued to raise the importance of taking a tabletop exercise beyond the immediate response stage and focusing on challenges associated with restoration and reconstitution activities. They are particularly concerned with a prolonged, cascading cross-border disruption that has broad regional physical and cyber infrastructure interdependencies as major complicating factors. These organizations are especially interested in exploring these challenges in a regional electric power outage that lasts beyond the typical backup power capabilities that most critical service providers and businesses have.

 

This was apparent during the Blue Cascades III Initial Planning Meeting, which was held during the Sept. 15, Puget Sound Partnership meeting. Participants focused on a comparable event such as a major earthquake—which according to experts occurs roughly every 300 years in the region and is overdue. Stakeholders agreed that they should modify the initial scenario discussed at the BCIII Concept Development meeting on July 16. Rather than focus on the issues involved in recovery from a prolonged power outage caused by an ice storm or terrorist attack, he suggested the focus be on a major earthquake and that the exercise be two days in duration rather than one. The morning of the first day would center on mitigation measures that regional public and private organizations had implemented to deal with prolonged disruptions and earthquake related vulnerabilities, with the second half of the first day focusing on response and related infrastructure interdependencies issues. The second day would focus wholly on restoration challenges including both earthquake impacted cyber and physical systems.

 

It was also proposed that Blue Cascades III be used to highlight potential interdependencies and related needs associated with the 2010 Vancouver Winter Olympics. Other recommendations included using the exercise to further explore shortfalls identified in the first two Blue Cascades exercises about how regional organizations could increase their awareness of cyber security threats and issues. Also addressed was utilizing a new Puget Sound Portal within the U.S. CERT Website to address regional cyber disruptions and attacks.

 

The exercise planning meeting participants generally were receptive to this overall approach and to take it under consideration. It was agreed that the Cascadia Region Earthquake Workgroup (CREW) and the U.S Geological Survey be asked to provide a scientifically accurate, realistic scenario and that a Scenario Design Team (SDT) be created of volunteer organizations for the exercise. Several participants volunteered to be part of the SDT, including BPA, Puget Sound Energy, King County, Pierce County, Snohomish County, WA State Department of Information Services, the Port of Seattle, Premera Blue Cross, Boeing, the City of Seattle, and the Washington Association of Sewer and Water Districts. Participants agreed to seek additional SDT members to ensure all infrastructures were represented. It was also agreed to hold the exercise the third week in February and that a schedule of exercise development activities be provided outlining SDT conference calls bi-weekly at 2 p.m. on Wednesdays for the near future lasting no more than an hour. It was expected that the next exercise planning meeting would be held in early December and the final planning meeting in January. It was further agreed that the Puget Sound Regional Portal on the U.S. CERT website be utilized as the repository for documents associated with the development of the exercise.

Specific objectives for the exercise that emerged from the discussion included:

 

• Illuminate reconstitution and business continuity challenges and needs associated with long-term disruptions of critical infrastructures;

• Increase understanding of interdependency issues related to recovering from long duration outages;

• Highlight the existing extent of cooperation, including understanding of roles, responsibilities, and authorities--local, county, state, federal (civilian and defense), of jurisdictions and of private sector organizations during long-term regional disruptions;

• Further explore cross-border physical and cyber U.S. and Canadian interdependencies;

• Increase the level of collaboration among regional cyber security responders and experts; as well as cooperation along cyber and physical security and emergency management personnel;

• Demonstrate how the new Puget Sound Regional Portal on the U.S. CERT Website could be utilized to improve preparedness in a regional cyber threat/disruption/attack situation;

• Underscore and validate the mutual value of public and private sector and cross-function and multidiscipline cooperation to deal with large-scale, prolonged disasters of all types.

• Explore and assess what approaches and plans are necessary for regional resource management;

• Recognize and examine jurisdiction boundaries and problems that arise from these artificial barriers;

• Explore the development of plans for determining restoration priorities;

• Examine and begin to better understand how to deal with the welfare of citizens;

• Highlight existing laws and gaps that may impede restoration or recovery efforts.