The interim findings and recommendations of EU Member States participants of the 1st Pan-European Cyber Security Exercise indicate that ’CYBER EUROPE 2010’ was a useful ’cyber stress test’ for Europe’s public bodies. Member States are very keen to continue their efforts in the area of national and pan-European exercises. They also agreed on the importance of involving the private sector in further exercises and exchanging lessons learnt with other national or international exercises.
Supporting EU-wide cyber-security preparedness exercises is one of the priorities of EU policies, in particular of the Digital Agenda for Europe.
The Executive Director of ENISA, Dr Udo Helmbrecht commented on the interim conclusions:
”The CYBER EUROPE 2010 exercise was the first successful ’cyber stress test’ for Europe. It fully met its objectives to test Europe’s readiness to face online threats to essential critical infrastructure used by citizens, governments and businesses. We will work closely with Member States to identify and implement the lessons learnt from this exercise. We also encourage Member States to continue their efforts in the area of exercises, both at national and pan European levels. ENISA will strongly support their efforts.”
Some of the interim findings and recommendations of Member States (MS) participants include:
- The exercise fully met its objectives. The scenario was well balanced between technical and communication requirements.
- Exchanging ’lessons-learnt’ with other (national or international) exercises would be useful.
- The private sector should be part of the next pan-European exercise.
- There is a lack of pan-European preparedness measures to test. This reflects the fact that many Member States are still refining their national approaches.
- The exercise was only the first step towards building trust at pan-European level. More co-operation and information exchange is needed.
- Incident handling in Member States varies a lot due to the different roles, responsibilities and bodies involved in the process. The Member States had difficulties in fully grasping how incidents are managed in other MS.
- There is no need for creating a new pan-European directory of contacts. The existing ones are sufficient but need to be updated and completed regularly.
- ENISA's role in organising and managing future exercises is highly recommended by MS.
- Member States support future pan-European exercises, but more time should be allocated to plan and execute the exercise.
These interim findings and recommendations are only reflecting the initial discussion with MS during the debriefing, and will be followed by a thorough analysis of the status reports, the logs, etc.
There were 30 European countries involved, 22 actively enacting the scenario and 8 observers. In all, experts from over 70 public sector around bodies responded to +> 320 security ’injects’. Ca 50 cyber experts reacted in the Exercise Control Centre, situated in Athens, and had contact with further 80 experts around Europe.
'Cyber Europe 2010' is organised by the EU Member States and supported jointly by the European Network and Information Security Agency (ENISA) and the EU’s Joint Research Centre (JRC).
The exercise planning of seven Member States, JRC and ENISA lasted over a year. This involved six workshops, weekly teleconferences, a ‘dry run’ and numerous trainings at national level.
The exercise will be evaluated in depth. There will also be evaluations made at national level. These will later be fed into an aggregated public, EU-wide report of the exercise. The full report is to be published at the beginning of 2011.
Digital Agenda for Europe to enhance online trust and security
EU Communication on Critical Information Infrastructure Protection (CIIP) COM(2009) 149
EU Commission Press Release of 4th Nov. (in 23 languages)
ENISA Press Release of 5 Nov,
Exercise Media FAQs,
CYBER EUROPE 2010 high resolution logo for media
For interviews, high res. photos, or further details:
Ulf Bergstrom, Spokesman, ENISA, firstname.lastname@example.org, Mobile: + 30 6948 460 143.
Stay updated- subscribe to RSS feeds of ENISA news items & PRs;