ENISA Calls for Action on Cyber Crisis Management
European Union cybersecurity agency ENISA has urged decision makers in the EU to take action and create a cyber crisis management framework before a major incident occurs.
Based on lessons learned from the aviation, civil protection, border control, counter-terrorism, and health and disease control sectors, ENISA has compiled a set of recommendations for efficient cooperation and management measures that would lessen the impact of a cyber crisis.
According to the agency, there is a lack of consistency in the EU when it comes to cyber incident response, particularly in crisis situations. Until now, only the 2007 cyberattacks that hit Estonia have been classified as a cyber crisis, and while the incident has led to some measures being taken in the EU, ENISA believes a proper cyber crisis management framework needs to be established.
One of the main challenges is that the severity of a crisis is usually established based on the severity of its impact. However, ENISA pointed out that a major cyber incident could lead to a crisis in the energy, telecommunications and industrial sectors, which is why, unlike in a “traditional” crisis, the cause has to be mitigated as well as the impact.
Experts believe EU member states and the European Commission should review current legislation to better reflect the distinction between cause and effect, and leverage developments in cyber crisis management for mitigating crises caused by cyber incidents.
ENISA has also advised member states to develop and adopt an EU-level cyber crisis management plan, and cyber standard operating procedures (SOPs).
The European Commission and EU members should also establish a pool of experts tasked with exchanging information and best practices. Finally, ENISA recommends funding the design and development of a cyber crisis cooperation platform.
“The message we try to pass with this study is that the effective mitigation of any type of crisis caused by cyber incidents does not only depend on the mitigation of the impacts of that crisis,” said Udo Helmbrecht, executive director of ENISA. “It depends also very much on the effective mitigation of the cyber incidents which caused it. Today, EU decision-makers are in the privileged position to take action before such a cyber crisis occurs; this study offers insight into what can be done.”
ENISA’s complete report on cyber crisis management is available for download in PDF format. The agency has also published a video with testimonials from experts in other sectors.