News Item

Healthcare’s Cybersecurity Incident Response Spotlighted at European Security Event

The EU Agency for Cybersecurity and the Danish Health Data Authority are joining forces again this month, introducing the final session of the 2020 eHealth Security Conference to examine incident response procedures across Europe’s health system.

Published on November 18, 2020

On the 23rd of November, part three of the eHealth Security Conference 2020: Working Together Towards Secure eHeath will kick off with talks about healthcare’s cybersecurity incident response in Europe. The session, Incident Response While in Crisis, will highlight actual events fueled by the COVID-19 pandemic. It will examine how the private and public sectors are supporting the system at EU Member State level, and how information exchange across communities is working to advance the preparedness of healthcare across Europe.

While under normal circumstances healthcare has been a target of cybercrime due to the high value of health data and the criticality of health services, now more than ever it has become a target for malicious actors, who have introduced more advanced phishing campaigns and ransomware attacks since the onset of the pandemic. As Europe’s health system is being pushed to the limit, responding to cyber attacks has become an almost insurmountable challenge to face. The cybersecurity community has come together to raise awareness and offer real solutions to help prepare healthcare providers.


The Danish Health Data Authority and the European Union Agency for Cybersecurity (ENISA) redesigned the eHealth Security Conference this year to focus on three areas of healthcare’s most pressing cyber challenges with deep-dive sessions across three months. The first session held in September focused on cybersecurity in healthcare during the pandemic; and the second session held last month covered cybersecurity for COVID-19 tracing mobile apps.

The final session will be in a virtual format, and will be accessible to the public for live viewing on 23 November at 14:00-16:00 CET here: ENISA YouTube channel.

EU Agency for Cybersecurity Executive Director Juhan Lepassaar will open the session with a keynote speech centred on building up cyber resiliency across Europe’s health system. The two-hour session will review how the system has responded to incidents over the past months and analyse how some of the key lessons learned have been translated into actions to push forward this cyber resiliency.

Security and healthcare experts from the Computer Emergency Response Team for the EU Institutions, Bodies and Agencies (CERT-EU), the Netherlands healthcare CERT (Z-CERT), the Institut Luxembourgeois de Regulation (ILR) and the Danish Healthcare Cyber and Information Security Unit (DCIS) will share recommendations for the technical aspects of incident responses.

Highlights of Session II - “Cybersecurity in COVID-19 Tracing Mobile Apps”

Last month’s session on Cybersecurity in COVID-19 tracing mobile apps found that governments are capable of creating country-scale apps that put privacy and security as the top requirements.

  • Christian D’Cunha, Policy Officer at DG Connect, European Commission opened talks with a keynote about the mid-term appraisal of COVID-19 apps, six months on. He noted that most Member States have launched or are preparing to launch their national apps for contact tracing - indicating a high level of convergence at EU level. He also summarised the activities around the European Federation Gateway Service (EFGS), which will enable encrypted information exchange between national applications.
  • Moderated by Dr. Evangelos Ouzounis, Head of the Secure Infrastructure and Services Unit at the EU Agency for Cybersecurity, session panellists discussed how these apps work to complement physical tracing in a secure manner.
  • Representing the Danish Patient Safety Authority, Birgitte Drewes noted that in Denmark the app was created primarily to complement the physical tracing process and aims to have a fully anonymous functionality, as the data is stored entirely on the device itself.
  • Dr. Dina Truxius of Germany’s Federal Office for Information Security (BSI) discussed how the BSI conducted the entire security assessment and focused on continuously performing testing on the front and the backend.
  • Advisor to the President of Latvia Ieva Ilves presented the Latvian framework, and underlined the importance of raising awareness of the national COVID-19 tracing and warning app.
  • Expert for the Dutch Ministry of Health Dirk-Willem van Gulik highlighted the initial challenges of producing the Dutch app, which is now a fully open source app built up on a decentralised architecture.


The European Union Agency for Cybersecurity has been actively supporting the healthcare sector since 2015. The Agency has published several reports about cybersecurity in healthcare, including Security and Resilience in eHealth Infrastructures and Services, Cybersecurity and Resilience for Smart Hospitals and Procurement Guidelines for Cybersecurity in Hospitals. The EU Agency for Cybersecurity is currently working on a report about cloud cybersecurity in healthcare for January 2021. The report aims to tackle the issue that cloud integration in the EU healthcare sector is still in its infancy by proposing 17 security and data protection measures to ensure cloud security.

The Agency also works in close collaboration with Member State national authorities and healthcare organisations on the implementation of the NIS Directive. During the pandemic, the NIS Cooperation Group focused greatly on the implementation of the NIS Directive in healthcare. Another area in which the Agency collaborates is with the eHealth Network established under the European Commission’s Directorate-General for Health and Food Safety (DG SANTE), which works towards the cross-border exchange of healthcare information and services, and with the Joint Action to Support the eHealth Network (JAseHN). For example, the Agency supported the drafting of cybersecurity guidelines for COVID-19 tracing apps.

Moreover, the EU Agency for Cybersecurity participates in the Medical Device Coordination Group, which produced the guidance on cybersecurity for medical devices in the context of the Medical Devices Regulation under the European Commission's Directorate-General for the Internal Market, Industry, Entrepreneurship & SMEs (DG GROW).

Press Contact

For questions related to the press and interviews, please contact press (at)


Stay updated - subscribe to RSS feeds of both ENISA news items & press releases!

News items:


This site uses cookies to offer you a better browsing experience.
Aside from essential cookies we also use tracking cookies for analytics.
Find out more on how we use cookies.

Accept all cookies Accept only essential cookies