ENISA pioneers the development of proper mechanisms and consistency for cyber incident and crisis management.
Cyber Crisis Management
ENISA’s crisis management activities provide guidance to cybersecurity bodies in Member States on their situational awareness, coordination and political decision-making capacities. ENISA acts as the secretariat for CyCLONe (Cyber Crises Liaison Organisation Network) and the national computer incident responder teams, the CSIRT’s Network.
In EU Member States, joint exercises are carried out by the Commission and ENISA (CySOPex) to measure the ability to react quickly and decisively to large-scale cross-border cyber incidents and ongoing crises.
ENISA, through such exercises, acts as lead management coordinator linking the EU’s top technical and political decision-makers in the event of a massive cyber crisis.
The Agency ensures the regular exchange of information among Member States and Union Institutions, Bodies and Agencies. Another open-source function ENISA manages is OpenCSAM, which draws parallels between previous and current incidents through historical background research carried out by ENISA and its stakeholders.
- ENISA provides advice and background data to EU Member States on situational and crisis responses undertaken by the CSIRTs and CyCLONe networks.
- This role has effectively made it a go-between for technical and political decision-makers responding to large-scale cross-border EU cyber crises.
- ENISA acts as a repository for historical background data on situational awareness to ensure regular trust-building flows of information to crisis units at the Union and national levels.