Press Release

EU Member States test rapid Cyber Crisis Management

CySOPEx 2021 is testing for the first time today the procedures for prompt and effective cyber crisis management in the EU to face large-scale, cross border cyber-attacks.

Published on May 19, 2021

CySOPEx 2021 is the first EU exercise for the recently established EU CyCLONe - Cyber Crises Liaison Organisation Network. The Network’s liaisons link the technical level (ie. The CSIRTs Network) to the political one when a large-scale cross-border cyber crisis takes place. This is in order to support the coordinated management of such cybersecurity incidents and crises at operational level and to ensure the regular exchange of information among Member States and Union institutions, bodies and agencies.

The CySOPex exercise aims to test Member States procedures for fast cyber crisis management in the EU when facing large-scale, cross-border cyber incidents and crisis. All Member States and the European Commission are taking part in the exercise organised by Portugal as Presidency of the Council of the European Union and CyCLONe Chair and by the EU Agency for Cybersecurity (ENISA) that acts as the secretariat of the CyCLONe.

The procedures which are tested aim to enable swift information exchange and effective cooperation among the Cyber Crises Liaison Organisations (CyCLO) – i.e. the Member States  competent authorities – within the CyCLONe along the lines described as the operational level of the Blueprint recommendation.

CyCLONe Chair and representative of the Portuguese Presidency of the Council of the EU João Alves said:CySOPex 2021 is an important milestone for the CyCLONe network, bringing together Member States, ENISA and European Commission to better prepare and coordinate rapid response procedures in case of a large-scale cross-border cyber incident or crisis. Recent events have shown the importance of such cooperation and aligned response. CySOPex reflects everyone’s engagement in the present and, foremost, in the future.”

EU Agency for Cybersecurity Executive Director Juhan Lepassaar said: “Enabling the coordination of all the actors involved at operational, technical and political levels is an important element of efficient response to cross-border cybersecurity incidents. Testing these capabilities is a sine qua non to prepare for the future cyber-attacks."

Specifically, the CySOPex exercise is tailored for the CyCLONe officers who are specialised in crisis management and/or international relations supporting the decision-makers, prior to and during, large-scale incident or crisis situations. They provide guidance on situational awareness, crisis management coordination and political decision-making.  

The goals of the exercise are to increase the overall competences of the CyCLONe officers specifically to:

  • train on situational awareness and information sharing processes;
  • improve understanding of roles and responsibilities in the context of the CyCLONe;
  • identify improvements and/or potential gaps in the standardised way of responding to incidents and crises (i.e. Standard Operating Procedures);
  • test the CyCLONe cooperation tools and exercise infrastructures provided by ENISA.

This exercise follows the BlueOlex 2020, where the CyCLONe was launched. BlueOlex is a table-top Blueprint Operational Level Exercise (Blue OLEx) for high-level executives of national cybersecurity authorities.

Upcoming Events

This year, the CySOPEx 2021 will be followed by the CyberSOPex 2021, the exercise for the technical level embodied by the CSIRTs Network and the BlueOlex 2021 that will take place in Q4.

About CyCLONe – the EU Cyber Crises Liaison Organisation Network

EU CyCLONe aims at enabling rapid cyber crisis management coordination in case of a large-scale cross-border cyber incident or crisis in the EU by providing timely information sharing and situational awareness amongst competent authorities and is supported by ENISA, which provides the secretariat and tools.  

EU CyCLONe operates at the “operational level”, which is the intermediate in between technical and strategic/political levels.

The goals of EU CyCLONe are to:

  • establish a network to enabling the cooperation of the appointed national agencies and authorities in charge of cyber crisis management;
  • provide the missing link between the EU CSIRTs Network (technical level) and the EU political level.  

Due to its importance in the EU cybersecurity landscape, the European Commission proposal for the revised NIS Directive envisions in Article 14 the formal establishment of the European Cyber Crises Liaison Organisation Network (EU – CyCLONe).

About ENISA role in operational cooperation

By coordinating both the secretariat of the EU CyCLONe and the CSIRTs Network, ENISA aims at synchronising the technical and operational levels and all actors involved in the EU to collaborate and respond to large-scale incidents and crises by providing the best tools and support by:

  • Enabling operation and information exchange with infrastructure, tools and expertise;   
  • Acting as facilitator (switchboard) between the different networks, the technical and operational communities as well as decision makers responsible for crisis management;
  • Providing the infrastructure and support for the exercise and training.

Press Contact

For questions related to the press and interviews, please contact press (at)


Stay updated - subscribe to RSS feeds of both ENISA news items & press releases!

News items:


This site uses cookies to offer you a better browsing experience.
Aside from essential cookies we also use tracking cookies for analytics.
Find out more on how we use cookies.

Accept all cookies Accept only essential cookies