Today, the European Union Agency for Network and Information Security (ENISA) is conducting the biggest and most complex European cybersecurity exercise to date.
According to the agency, more than 200 organizations and 400 experts from a total of 29 European Union and EFTA countries will participate in Cyber Europe 2014, a large-scale event that’s organized every two years. The exercise takes place at several centers all over Europe and is coordinated from a central control center.
Representatives of national CERTs, telecoms and energy companies, cyber security agencies, financial institutions, Internet service providers and other private and public sector organizations will put their skills to the test in a realistic simulation of a cybersecurity scenario.
Participants will be presented with over 2,000 incidents, including defacements, data theft, denial-of-service (DoS), intelligence and media reports on malicious cyber operations, and attacks on critical infrastructure. The goal is to test not only the procedures and capabilities of each participant, but also the effectiveness of cooperation in the European Union.
Cyber Europe 2014 also aims at testing the procedures related to sharing operational information in case of a cyber crisis, as outlined in the EU-Standard Operational Procedures (EU-SOPs) guide.
“Five years ago there were no procedures to drive cooperation during a cyber-crisis between EU Member States,” noted Udo Helmbrecht, ENISA’s executive director. “Today we have the procedures in place collectively to mitigate a cyber-crisis on European level. The outcome of today’s exercise will tell us where we stand and identify the next steps to take in order to keep improving.”
The exercise has three stages: technical, operational/tactical, and strategic. The first phase, which involves detection, investigation, mitigation and information exchange in case of a cyber incident, was completed in April. The third phase, focusing on strategic objectives, will take place in early 2015.
Today’s exercise, which represents the second phase, tests the ability of participants to deal with crisis assessment, alerting, coordination, cooperation, tactical analysis, advice and information exchange at operational level.
“The sophistication and volume of cyber-attacks are increasing every day. They cannot be countered if individual states work alone or just a handful of them act together,” said Neelie Kroes, the vice president of the European Commission. “I’m pleased that EU and EFTA Member States are working with the EU institutions with ENISA bringing them together. Only this kind of common effort will help keep today’s economy and society protected.”
