As drones become more capable, affordable, and accessible, they are also becoming a growing security concern for governments, critical infrastructure operators, and any place where lots of people gather. A recent tabletop exercise in Detroit explored what happens when multiple drone swarms are used to attack critical infrastructure and public spaces simultaneously — and the results highlight just how much work remains to prepare for this evolving threat.
Hosted by the Center for Cybersecurity Policy and Law and Venable, the Meeting the Homeland UAS Threat 2026 Tabletop Exercise brought together more than 80 participants from U.S. and Canadian government agencies, law enforcement, critical infrastructure operators, technology companies, and the private sector to examine how a coordinated drone attack might unfold across one of North America's busiest international crossings.
The exercise simulated a coordinated drone attack launched from a vessel on Lake St. Clair, positioned between the United States and Canada. Multiple drone swarms targeted international transportation infrastructure — including the Ambassador Bridge, Gordie Howe International Bridge, and Detroit-Windsor Tunnel — while additional drones struck electrical substations and attacked crowds gathered for the Detroit Grand Prix. The simulated attack unfolded in just over seven minutes, forcing participants to make critical decisions with incomplete information and uncertainty about follow-on attacks.
The scenario challenged participants to examine how current authorities, technology, coordination, and policy frameworks perform against a fast-moving, low-altitude aerial threat.
“Participating in this exercise reinforced that the threat from unmanned aircraft systems is no longer theoretical — it is immediate, evolving, and highly relevant to the protection of critical infrastructure. The ability to quickly identify, assess, and respond to unauthorized drone activity is essential to maintaining safe and reliable operations. Events like this demonstrate that protecting the homeland from emerging aerial threats is a shared responsibility, and our collective readiness is only as strong as the relationships we build and maintain.”
- Michael Kennedy, Security Operations Manager, DTE Energy
Five Key Lessons
1. You Can't Stop What You Can't See
The clearest takeaway from the exercise was that airspace awareness remains the biggest vulnerability.
Participants consistently identified the inability to reliably detect and identify low-altitude drones as the greatest obstacle to an effective response. Without comprehensive detection capabilities, responders cannot distinguish authorized drone operations from malicious activity or prioritize limited resources effectively. The exercise emphasized that effective detection requires multiple sensing technologies — including radio frequency, radar, acoustic, and optical systems — working together through a shared operating picture.
2. Critical Infrastructure Needs Better Protection
Traditional physical security measures are no longer enough. Power substations, bridges, tunnels, and public venues are increasingly vulnerable to aerial attacks that bypass fences, gates, and perimeter security. Participants highlighted the importance of providing critical infrastructure owners with better tools to understand and manage activity in the airspace surrounding their facilities.
The Federal Aviation Administration's proposed Section 2209 rule, which would establish a process for certain fixed-site critical infrastructure facilities to request drone flight restrictions, could help support critical infrastructure protection. But the final rule needs to give critical infrastructure owners and operators more authority to control restricted airspace over their facilities and address other provisions that create security concerns (i.e., by creating a massive database of vulnerabilities and proposed security plans that would give adversaries a roadmap for attack). The deadline for commenting on the rule is August 5, 2026.
There is also a need for increased joint operational planning between government agencies and critical infrastructure operators.
3. Technology Alone Isn't the Answer
While detection technology continues to improve, participants emphasized that training, effective policy frameworks, and operational coordination are equally important. Many state and local officials expressed frustration with limited access to training and the authorities needed to respond safely to drone incidents. Although the SAFER SKIES Act, enacted as part of the FY 2026 National Defense Authorization Act, Act expanded certain counter-drone authorities state, local, territorial, and tribal (SLTT) officials, participants noted that implementation, training, and resource limitations continue to slow adoption. (Of note, the Departments of Justice and Homeland Security have since issued an Interim Final Rule that provides guidance on what systems and technologies can be used by SLTTS, what level of training is required, and other requirements for use; while the Rule goes into effect immediately, there is a comment period that extends until September 6).Similarly, participants urged stronger enforcement of existing drone regulations, particularly the FAA’s Remote ID requirements, which help distinguish lawfully present drones from potentially malicious aircraft.
4. Cross-Border Threats Require Cross-Border Solutions
The Detroit-Windsor region presents unique challenges because drone threats can easily cross international boundaries.
Participants praised the strong working relationships between U.S. and Canadian agencies but noted that differences in legal authorities, operational procedures, and response frameworks can complicate incident management. The exercise highlighted the need for more formalized coordination, including shared playbooks, communications protocols, and joint operational planning specifically designed for cross-border drone incidents.
5. Counter-Drone Planning Must Become Routine
Drone threats can no longer be treated as niche security concerns.
Participants agreed that organizations should integrate counter-UAS planning into broader emergency management, business continuity, and critical infrastructure protection strategies. Drone threats add a new dimension to incident response, raising complex questions about airspace management, operational leadership, and coordination among multiple jurisdictions that cannot be addressed during a crisis alone.
“The Detroit region presents unique cross-border and critical infrastructure challenges. This exercise provided a valuable opportunity for Michigan partners to strengthen coordination, identify gaps, and improve preparedness before a real-world incident occurs.”
Matt Rybar, President & Founder, Michigan Drone Association
Looking Ahead
The exercise reinforced an important reality: drones have fundamentally changed the security landscape.
Unlike traditional threats, malicious drones can approach from virtually any direction, operate in swarms, and reach multiple targets in minutes. Successfully managing these risks will require more than new technology. It will depend on effective governance, including increased protections for critical infrastructure, stronger public-private partnerships, improved airspace awareness, enhanced training, and closer coordination across jurisdictions and international borders.
Exercises like this provide a valuable opportunity to identify operational gaps before a real-world incident occurs. Building resilience today will help ensure that governments, infrastructure operators, and emergency responders are better prepared for the aerial threats of tomorrow.
Read Next
Beyond Buzzwords: What Public Views on Scanning and Encryption Mean for Policymakers
Public support for content scanning and encryption backdoors drops when tradeoffs are made clear. This survey of Nordic countries shows people prioritize privacy and security over harm detection, and lack trust in institutions to govern access.
Cybersecurity Coalition, FIDO Alliance Raise Concerns About Proposed New Data Collection for Visa Waiver Program
The Cybersecurity Coalition and FIDO Alliance raised concerns about the Homeland Security’s proposed new data collection from travelers in the visa waiver program.
