In 2009 the European Commission Communication on Critical Information Infrastructure Protection (CIIP),"Protecting Europe from Large Scale Cyber-Attacks and Disruptions: Enhancing Preparedness, Security and Resilience", acknowledged that simulating incidents and running exercises to test response capabilities are strategic in improving the overall security and resilience of Critical Information Infrastructures. The European Commission invited Member States to develop national contingency plans and organise regular exercises for large scale network security incidents response and disaster recovery, as a step towards closer pan-European (Network and Information Security) NIS cooperation plan. The latest policy documents in this area, namely the European Cyber Security Strategy and the proposed directive, stress the importance of NIS cyber crisis cooperation plans, procedures and exercises, at national and pan-European level.
In this context ENISA has engaged in being a facilitator for Member States by supporting the exchange of good practices in the area of Cyber Crisis Cooperation and Exercises. ENISA is the driving force behind the series of pan-European cyber exercises Cyber Europe as well as the joint EU-US cyber exercise (Cyber Atlantic). ENISA published a ‘Good Practice Guide on National Exercises’ with the aim to assist European stakeholders to design, plan, execute and monitor a national exercise on the resilience of public communication networks. ENISA is organising the series of the annual International Conferences covering topics in the area of Cyber Crisis Cooperation and Exercises.
ENISA is presently continuing its efforts in providing Member States and Europe support in areas such as: