Press Release

Cyber Europe 2016: Key lessons from a simulated cyber crisis

Today marks the end of the latest cyber crisis exercise organised by ENISA, with the release of the after action report and closure video of Cyber Europe 2016.

Published on June 30, 2017

While a new ransomware campaign (Petya) is still ongoing, and a few weeks only after the WannaCry outbreak, the report sheds light on the preparatory steps taken by authorities and industry to respond to such cyber attacks.

Over 1 000 participants from all 28 EU Member States, along with Switzerland and Norway, joined last year in a simulated crisis which lasted for over 6 months, culminating in a 48‑hour event on 13 and 14 October 2016.

Leveraging a newly developed exercise environment containing dozens of simulated news outlets, TV channels, search engines and social media platforms, the immersion in the exercise was unprecedented. The EU Ombudsman underlined this forward-looking outlook in March 2017 with an award for excellence in innovation and transformation. Yet the most striking evidence of such innovation, and certainly a reward in itself for all those who worked hard on the exercise at ENISA and in Member States, was the countless similarities between the scenario and the WannaCry outbreak. Cyber Europe 2016 proved to be an excellent opportunity to prepare for the real incident to come.

Udo Helmbrecht, Executive Director of ENISA, said: “Cyberattacks are increasingly, simultaneously affecting more than one Member State. The true value of ENISA’s Cyber Europe 2016 is that it simulates cyber incidents that test and develop the Member States’ capability to work together and address cyber incidents that have a cross border perspective. The simulations are particularly useful in that they are designed to test technical, operational, public relations and political responses to cross border cyber incidents. The recent WannaCry incident demonstrated the need for Member States to work together, share information and respond to the incident in a coordinated and effective manner. ENISA has for many years led in the delivery of cyber exercises that pursue these goals.

I would like to thank all the Member States for their full participation in these exercises and I look forward to starting the next exercise that will build on the good and positive experience achieved in this exercise.

Next steps

The immediate future of cyber crisis management in the EU concerns the drafting of a cyber crisis cooperation plan and the development of a cyber crisis management platform. While the role of ENISA in both activities is essential, the effective cooperation of all EU cybersecurity actors involved will determine their success. In addition, preparations for Cyber Europe 2018 have already started.


If you have participated in Cyber Europe 2016, please contact your national authorities: a detailed report is available. For further assistance, please contact

Notes to editors:

Cyber Europe 2016 - After action report
Exercise Q&A
Video trailer,
promotional video, after action video
Poster 1 (A4, web), poster 2 (A4, web)
Previous Cyber Europe exercises
Crisis management practices in the EU

For more information:

For press and media interviews:  Tel. +30281440961


Stay updated - subscribe to RSS feeds of both ENISA news items & press releases!

News items:


We use cookies on our website to support technical features that enhance your user experience.
We also use analytics. To opt-out from analytics, click for more information.

I've read it More information