"Product and government people have to have a world view, but in an integrated situation you need creative input - say for instance if a hardware person was trained by one particular vendor then they will only know how one product works: they have had a system of training that is rigid and fixed, but you need someone creative to cope with savage exploits, or else they will only use products they know how to fix.

"To me, if they were trying to test accurate security responses then they would not get people in the establishment to attack themselves. It is a bit like saying our system is secure, because we have tested it."

A similar exercise, also dubbed Cyber Storm and run by the U.S. Department of Homeland Security was held in the U.S. last November.

The vendors involved were Cisco, Computer Associates, CSC, Microsoft, Symantec and Verisign.

Hutchison said the assumption is that the same vendors will be involved in the Australian exercise.