First EU Cyber Security Exercise 'Cyber Europe 2010' with 320 'incidents' successfully concluded
The exercise revealed a number of points where improvement in communication channels and procedures could be made.
The Executive Director of ENISA, Dr Udo Helmbrecht commented:
'This was a first key step for strengthening Europe's cyber protection. Each mistake and error made were useful 'lessons-learnt'; that is what exercises are for. Now, the challenge is for the Member States to analyse and properly implement these findings, of how to improve the communication channels and procedures. Both internally within a Member State, and in between Member States, across Europe, as to strengthen our common cooperation'.
The objectives of the exercise were:
- To establish trust in between actors within the Member State, and between the Member States (MS)
- To increase understanding of how management of incidents is done in different MS across Europe.
- To test the communication channels, communication points and procedures in the MS/between MS.
- To highlight interdependencies between MS across Europe.
- To increase mutual support procedures during incidents or massive cyber attacks
Participating were 22 Member States as players and 8 Member States as observers. In all, ca 50 persons were present in the Exercise Control Centre, situated in Athens, being exposed to more than 320 so-called security 'injects' related to the availability of internet and corresponding critical online services. Across Europe in the participating Member States, 80 more persons were acting upon the instructions of the national moderators in Athens. The nationally based players may have contacted further others in their Member States. Typical profiles of players were Computer Emergency Response Teams, Ministries, National Regulatory Authorities, etc.
Cyber Europe 2010 is organised by EU Member States and jointly supported by the European Network Security Agency (ENISA) and the EU's Joint Research Centre (JRC).
- On 10th November, the Agency will make a media briefing in Berlin, at the Commission Representation, providing more information and draft conclusions about the outcome of the exercise.
- The exercise will be evaluated in depth. There will also be evaluations made at national levels. These will later be fed into an accumulated public, EU-wide report of the exercise. The full report is anticipated to be published in the beginning of next year, i.e. early 2011.
Link to exercise FAQs (full details re scope, objectives, background etc): http://www.enisa.europa.eu/...
Link to Commission press release of 4th Nov. (in 23 languages): http://europa.eu/...
Link to CYBER EUROPE 2010 logo (http://www.enisa.europa.eu/...),
Communication on Critical Information Infrastructure Protection (CIIP) COM(2009)
The 'Digital Agenda' of Commissioner Kroes.