ENISA publishes lessons-learned report on pan-European cybersecurity exercise
- Published: Thursday, 24 September 2015 08:41
ENISA has published the public version of the After Action Report of the pan-European cybersecurity exercise Cyber Europe 2014 (CE2014). This report, approved by the Member States, gives a high-level overview of the complex cybersecurity exercise that was carried out in 2014.
The main goal of Cyber Europe 2014 was to train EU Member States to cooperate during a cyber-crisis. The three-phased exercise provided opportunities to assess the effectiveness of cooperation and escalation procedures during cross-border cyber incidents which impact the security of vital services and infrastructure, while testing national capabilities and contingency plans involving both public and private sector organizations.
The exercise, organized by ENISA, brought together over 1,500 participants from 29 EU and EFTA Member States, covered for the first time all three phases of cyber incident response: technical, operational and strategic.
The report shows that the common ability to mitigate large-scale cybersecurity incidents in Europe, has progressed significantly since 2010, when the first Cyber Europe exercise was carried out. Sharing real-time information among countries is proving valuable for swift decision-making. The EU Standard Operational Procedures (EU-SOPs) used to support these cooperation activities, provide Member States with guidelines, which they can use in the face of large-scale cybersecurity incidents. These will be improved further taking into account the evolving cyber security policy context in Europe.
Cooperation was highlighted as a key element contributing to increased understanding, trust building, and faster response. The Cyber Exercise Platform (CEP) developed by ENISA for the exercise planning, conduct and evaluation, proved to be a powerful tool. The CEP is currently being further developed by ENISA in order to host future cyber exercises and technical scenarios.
ENISA’s executive director Udo Helmbrecht stated: “The lessons learnt from Cyber Europe 2014 are numerous and provide the basis for ground breaking work in the area of cyber crisis cooperation, an emerging field which EU and ENISA are leading. We are committed to implement the action plan, with the support of Member States, to further improve cyber crisis preparedness both at national and the EU level.”Read the full report.