Successful Multi-Sector Cyber Exercise Strengthens Tampa Bay Preparedness
From May 18–20, 2026, Cyber Florida, in partnership with the Army Cyber Institute and a broad coalition of federal, state, local, military, academic, and private-sector partners, successfully completed the Jack Voltaic® Tampa Cyber Incident Exercise at the University of South Florida Marshall Student Center.
The three-day, immersive exercise simulated a coordinated cyberattack targeting Tampa Bay’s critical water infrastructure, creating cascading impacts across essential services and adjacent military operations. The event brought together decision-makers and technical responders to test coordination, improve readiness, and strengthen cyber resilience across the region.
About Jack Voltaic®
Jack Voltaic® is an initiative led by the Army Cyber Institute designed to evaluate and enhance the resilience of communities surrounding U.S. military installations.
Because modern infrastructure systems are deeply interconnected, disruptions in cyber-physical systems, such as water, energy, transportation, and communications, can quickly ripple across both civilian and defense environments.
Since its launch in 2016, the Jack Voltaic® series has focused on:
- Strengthening civil-military cyber coordination
- Testing multi-sector incident response capabilities
- Identifying infrastructure interdependencies and vulnerabilities
- Improving regional resilience through realistic scenario-based training
The 2026 Tampa exercise built on this foundation with an expanded focus on operational execution and cross-sector integration.
Exercise Scenario: Coordinated Cyberattack on Water Infrastructure
Participants worked through a realistic, escalating cyber incident affecting water treatment and distribution systems in the Tampa Bay region. The scenario was designed to reflect the complexity of modern cyberattacks against operational technology (OT) and critical infrastructure environments.
Scenario Progression Included:
- Corruption of vendor-managed PLC systems
- Altered chemical setpoints impacting water treatment processes
- Theft of sensitive utility operational data
- Loss of SCADA control and degraded system visibility
These events created cascading operational challenges for utilities, emergency managers, and defense-supporting infrastructure, requiring coordinated response across multiple jurisdictions.
Exercise Objectives and Outcomes
The exercise successfully met its core objectives:
-
Strengthening Regional Response Capabilities
Participants tested and refined the ability of the City of Tampa and Hillsborough County to respond to a sophisticated, multi-sector cyberattack under realistic operational pressure.
-
Evaluating Emergency Management Under Stress
State and local agencies examined response coordination in an environment reflecting concurrent emergency demands and infrastructure disruption.
-
Demonstrating Regional Leadership
The Tampa Bay region further established itself as a national leader in cyber incident preparedness and cross-sector collaboration.
-
Assessing Defense Operational Impacts
The exercise highlighted potential implications for nearby defense installations, including MacDill Air Force Base, as well as U.S. Central Command and U.S. Special Operations Command.
A Dual-Track Training Environment: Tabletop and Live-Fire Integration
A defining feature of the 2026 exercise was the integration of two complementary training environments: a facilitated tabletop exercise (TTX) and a live-fire cyber range exercise (LFX).
Tabletop Exercise (TTX): Strategic Decision-Making in Action
Led in partnership with Norwich University Applied Research Institutes, the tabletop exercise brought together leadership from across sectors to:
- Evaluate response plans and procedures
- Coordinate crisis communications strategies
- Identify gaps in interagency coordination
- Discuss policy, governance, and resource alignment
Facilitated discussions enabled participants to test assumptions and refine decision-making frameworks under evolving scenario conditions.
Live-Fire Exercise (LFX): Operational Execution at Scale
The live-fire exercise, powered by SimSpace, provided participants with a realistic cyber range environment where technical teams:
- Analyzed live telemetry, logs, and simulated alerts
- Identified indicators of compromise across IT and OT systems
- Implemented containment and mitigation strategies
- Coordinated across SOC, engineering, and leadership roles
- Delivered operational briefings to executive stakeholders
The LFX environment enabled participants to directly translate tabletop decisions into technical execution, reinforcing real-world readiness.
Broad Cross-Sector Participation
The exercise brought together an extensive coalition of partners, including:
Federal and Military Partners
- S. Cyber Command, U.S. Central Command, U.S. Special Operations Command, U.S. Coast Guard, Florida Army National Guard, the FBI, and the Cybersecurity and Infrastructure Security Agency.
- State and Local Government
- City of Tampa, Hillsborough County, Pinellas County, Pasco County, along with multiple municipal and state agencies.
Critical Infrastructure and Industry
Key infrastructure partners included:
- TECO Energy
- Tampa Bay Water
- Tampa General Hospital
- BayCare Health System
- AdventHealth
- US Water Services Corporation
- Academic and Research Partners
Idaho National Laboratory and the University of South Florida played key roles in supporting scenario design, technical integration, and research-informed facilitation.
Key Outcomes and Takeaways
Across all three days, participants identified several critical outcomes:
Stronger Cross-Sector Coordination
The exercise reinforced the importance of pre-established relationships between government, industry, and military stakeholders in responding to cyber incidents affecting shared infrastructure.
Improved Operational Awareness
Participants demonstrated improved ability to maintain shared situational awareness across IT and OT environments during rapidly evolving incidents.
Identification of Infrastructure Interdependencies
The scenario highlighted how disruptions in water systems can cascade into healthcare, energy, and defense operations.
Enhanced Crisis Communication Practices
Leadership teams refined strategies for communicating risk, coordinating messaging, and maintaining public trust during cyber disruptions.
After-Action Review and Next Steps
Following the exercise, participants contributed to a comprehensive after-action review capturing:
- Key strengths in coordination and response
- Gaps in technical and organizational capabilities
- Opportunities to improve communication and decision-making workflows
- Recommendations for future regional cyber preparedness efforts
These findings will inform ongoing efforts to strengthen cyber resilience across Florida’s critical infrastructure ecosystem.
Advancing Cyber Resilience for the Future
The successful completion of the Jack Voltaic® Tampa Cyber Incident Exercise underscored the value of sustained, cross-sector collaboration in addressing today’s evolving cyber threats.
By bringing together civilian leadership, military commands, infrastructure operators, and cybersecurity practitioners in a shared training environment, the exercise strengthened both relationships and operational readiness across the Tampa Bay region.
Cyber Florida and its partners remain committed to advancing this collaborative model, ensuring Florida continues to lead in building resilient, secure, and well-coordinated cyber defense capabilities.
Cyber Florida’s services and resources are available at no charge. To arrange for access to the ARCS Range, visit https://cyberflorida.org/arcs-range/. To explore no-cost cybersecurity training and educational opportunities for all levels of public sector employees, including certification preparation, visit our FirstLine page at https://cyberflorida.org/firstline/. Critical infrastructure organizations interested in completing the Florida Cyber Risk Assessment to access free resources and expert help should visit https://cyberflorida.org/cip/.