In May, 2010, the Cooperative Cyber Defence Centre of Excellence in Estonia and the Swedish National Defence College hosted the Baltic Cyber Shield (BCS) international cyber defense exercise (CDX). For two days, six Blue Teams from northern European government, military and academic institutions defended simulated power generation companies against a Red Team of twenty hostile computer hackers. The scenario described a volatile geopolitical environment in which newly hired network security personnel were immediately forced to defend Critical Information Infrastructure (CII) from cyber attacks sponsored by a non-state, terrorist group. This presentation covers the origin and evolution of CDXs and it describes the design, goals, and lessons learned from BCS 2010.