EU Member States test rapid Cyber Crisis Management

The first EU exercise for the recently established Cyber Crisis Liaison Organisation Network (CyCLONe) is in progress. CySOPEx 2021, as the exercise is called, aims to test member states procedures for fast cyber crisis management in the EU when facing large-scale, cross-border cyber incidents. 

CySOPEx 2021 is the first EU exercise for the recently established CyCLONe. The network’s liaisons link the technical level to the political when a large-scale cross-border cyber crisis takes place in order to support the co-ordinated management of cybersecurity incidents and crisis at operational level and to ensure the regular exchange of information among member states and union institutions, bodies and agencies.

All member states and the European Commission are taking part in the exercise organised by Portugal as Presidency of the Council of the European Union and CyCLONe Chair and by the EU Agency for Cybersecurity (ENISA) that acts as the secretariat of the CyCLONe.

The procedures which are tested aim to enable swift information exchange and effective co-operation among the Member States.

CyCLONe Chair and Representative of the Portuguese Presidency of the Council of the EU João Alves said: “CySOPex 2021 is an important milestone for the CyCLONe network, bringing together Member States, ENISA and European Commission to better prepare and coordinate rapid response procedures in case of a large-scale cross-border cyber incident or crisis. Recent events have shown the importance of such cooperation and aligned response. CySOPex reflects everyone’s engagement in the present and, foremost, in the future.”

EU Agency for Cybersecurity, Executive Director Juhan Lepassaar, says: “Enabling the co-ordination of all the actors involved at operational, technical and political levels is an important element of efficient response to cross-border cybersecurity incidents. Testing these capabilities is a sine qua non to prepare for the future cyber-attacks."

The CySOPex exercise is specifically tailored for the CyCLONe officers who are specialised in crisis management and/or international relations supporting the decision-makers, prior to and during, large-scale incident or crisis situations. They provide guidance on situational awareness, crisis management coordination and political decision-making.  

The goals of the exercise are to increase the overall competences of the CyCLONe officers specifically to:

• train on situational awareness and information sharing processes
• improve understanding of roles and responsibilities in the context of the CyCLONe
• identify improvements and/or potential gaps in the standardised way of responding to incidents and crises (i.e. Standard Operating Procedures)
• test the CyCLONe cooperation tools and exercise infrastructures provided by ENISA.

This exercise follows the BlueOlex 2020, where the CyCLONe was launched. BlueOlex is a table-top Blueprint Operational Level Exercise (Blue OLEx) for high-level executives of national cybersecurity authorities.