Quantcast

Interim Findings of CYBER EUROPE 2010, the First Pan-European Cyber Security Exercise; a Successful ‘Cyber Stress Test’ for Europe

November 10, 2010

BERLIN, BRUSSELS and HERAKLION, Greece, November 10, 2010 /PRNewswire/ –
The interim findings and recommendations of EU Member States participants of
the 1st Pan-European Cyber Security Exercise indicate that ‘CYBER EUROPE
2010′ was a useful ‘cyber stress test’ for Europe’s public bodies. Member
States are very keen to continue their efforts in the area of national and
pan-European exercises. They also agreed on the importance of involving the
private sector in further exercises and exchanging lessons learnt with other
national or international exercises.

Supporting EU-wide cyber-security preparedness exercises is one of the
priorities of EU policies, in particular of the Digital Agenda for Europe
(http://ec.europa.eu/information_society/digital-agenda/index_en.htm)

The Executive Director of ENISA, Dr Udo Helmbrecht commented on the
interim conclusions:

“The CYBER EUROPE 2010 exercise was the first successful ‘cyber stress
test’ for Europe. It fully met its objectives to test Europe’s readiness to
face online threats to essential critical infrastructure used by citizens,
governments and businesses. We will work closely with Member States to
identify and implement the lessons learnt from this exercise. We also
encourage Member States to continue their efforts in the area of exercises,
both at national and pan European levels. ENISA will strongly support their
efforts.”

Some of the interim findings and recommendations of Member States (MS)
participants include:

    - The exercise fully met its objectives. The scenario was well
      balanced between technical and communication requirements.

    - Exchanging 'lessons-learnt' with other (national or
      international) exercises would be useful.

    - The private sector should be part of the next pan-European
      exercise.

    - There is a lack of pan-European preparedness measures to
      test. This reflects the fact that many Member States are still refining
      their national approaches.

    - The exercise was only the first step towards building trust
      at pan-European level. More co-operation and information exchange is
      needed.

    - Incident handling in Member States varies a lot due to the
      different roles, responsibilities and bodies involved in the process.
      The Member States had difficulties in fully grasping how incidents
      are managed in other MS.

    - There is no need for creating a new pan-European directory
      of contacts. The existing ones are sufficient but need to be updated
      and completed regularly.

    - ENISA's role in organising and managing future exercises is
      highly recommended by MS.

    - Member States support future pan-European exercises, but
      more time should be allocated to plan and execute the exercise.

These interim findings and recommendations are only reflecting the
initial discussion with MS during the debriefing, and will be followed by a
thorough analysis of the status reports, the logs, etc.

Participants

There were 30 European countries involved, 22 actively enacting the
scenario and 8 observers. In all, experts from over 70 public sector around
bodies responded to +> 320 security ‘injects’. Ca 50 cyber experts reacted in
the Exercise Control Centre, situated in Athens, and had contact with further
80 experts around Europe.

Organisers

‘Cyber Europe 2010′ is organised by the EU Member States and supported
jointly by the European Network and Information Security Agency (ENISA) and
the EU’s Joint Research Centre (JRC)
(http://ec.europa.eu/dgs/jrc/index.cfm?id=10).

The exercise planning of seven Member States, JRC and ENISA lasted over a
year. This involved six workshops, weekly teleconferences, a ‘dry run’ and
numerous trainings at national level.

Next Steps

The exercise will be evaluated in depth. There will also be evaluations
made at national level. These will later be fed into an aggregated public,
EU-wide report of the exercise. The full report is to be published at the
beginning of 2011.

Policy Context

Digital Agenda for Europe to enhance online trust and security
(http://ec.europa.eu/information_society/digital-agenda/index_en.htm)

EU Communication on Critical Information Infrastructure Protection (CIIP)
COM(2009) 149
(http://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=COM:2009:0149:FIN:EN:P
DF)

Links

EU Commission Press Release of 4th Nov. (in 23 languages)
(http://europa.eu/rapid/pressReleasesAction.do?reference=IP/10/1459)

ENISA Press Release of 5 Nov (

http://www.enisa.europa.eu/media/press-releases/cyber-europe-20102019-cyber-s

ecurity-exercise-with-320-2018incidents2019-successfully-concluded)

    Exercise Media FAQs (

http://www.enisa.europa.eu/media/news-items/faqs-cyber-europe-2010-final)

CYBER EUROPE 2010 high resolution logo for media
(http://www.enisa.europa.eu/media/news-items/Cyber_Europe_logo_HIGH.jpg)

(Due to the length of these URLs, it may be necessary to copy and paste
the hyperlink into your Internet browser’s URL address field. Remove the
space if one exists.)

http://www.enisa.europa.eu

SOURCE ENISA – European Network and Information Security Agency


Source: newswire



comments powered by Disqus