Cyber Fire cybersecurity investigation training event

Last month, the Energy Department hosted the Cyber Fire Foundry in San Diego. 

The U.S. Department of Energy (DOE) hosted 130 cyber incident responders from across government organizations and critical infrastructure sectors for the 13th Cyber Fire Foundry, which was held October 15th – 19th in San Diego, CA. Participants acquired valuable skills through hands-on, puzzle-based exercises, while also networking with public and private sector peers, creating a lasting community that will enable them to more effectively investigate cyber incidents and coordinate response efforts.

As the sector- specific agency responsible for cybersecurity in the energy sector, DOE has decades of experience developing tools and capabilities to quickly identify potential intruders and stop cyber attacks before they do damage. Cyber Fire Foundry events leverage this expertise to build training modules that teach a range of forensic incident response techniques to all levels of cyber analysts, from beginners to advanced practitioners.

The Cyber Fire Foundry participants began the week with two days of intensive, hands-on training, followed by a two-day exercise where participants worked in teams to solve a number of technically challenging cyber puzzles designed to inspire out-of-the-box thinking for cyber incident response and network protection. The week concluded with a full day of cyber security threat and incident response briefings.

Cyber Fire Foundry participants will continue to use and share their new understanding of forensic incident response concepts across their respective organizations. In addition, the community of participants will be able to more collaboratively investigate forensic evidence of malware, network intrusions, and exfiltration; coordinate more efficiently with other incident responders; and more effectively communicate findings. This community of cyber responders will also generate timely information about cyber incidents, which will enable organizations to better defend their networks against emerging cyber threats.  

Founded in 2009, Cyber Fire is currently funded by the DOE Office of the Chief Information Officer. Multiple DOE entities collaborate to train hundreds of attendees per year through Cyber Fire Foundry events, which are hosted at different locations across the country. The Cyber Fire team is comprised of experts from DOE OCIO and Los Alamos, Idaho, Pacific Northwest, and Lawrence Livermore National Laboratories.

The next Cyber Fire Foundry event will take place Spring 2019. Please visit the Cyber Fire Home Page for more information.