On September 29, EU Member States, the EU Agency for Cybersecurity (ENISA) and the European Commission (EC) met to test and assess their capacity to respond to a cybersecurity crisis.
Known as Blue OLEx 2020, the exercise, the second of its kind, was organised by the Netherlands, with ENISA’s support, as a key stepping stone towards a finalised set of standardised operating procedures (SOPs). The procedures are being developed within the framework of the NIS Cooperation Group, led by France and Italy. The intention is to achieve a more coordinated information-sharing and incident response mechanism among EU cybersecurity authorities. The NIS Cooperation Group was established under the 2016 Directive on security of network and information systems — the NIS Directive.
CyCLONe, the cooperation network
On September 29, EU countries, with the support of ENISA, launched the Cyber Crisis Liaison Organisation Network (CyCLONe) to help ensure a coordinated response should disruptive cyber incidents occur. Overall, CyCLONe addresses the need for strengthened cooperation during major cyber-related crises. This cooperation includes common situational awareness, coordinated responses and public information.
Juhan Lepassaar, Executive Director of ENISA, summed up the overall approach: “Cyber crises have no borders. The EU Agency for Cybersecurity is committed to support the Union in its response to cyber incidents. It is important that the national cybersecurity agencies come together to coordinate decision-making at all levels. The CyCLONe group addresses this missing link.”
“The new Cyber Crisis Liaison Organisation Network indicates once again the excellent cooperation between Member States and EU institutions in ensuring that our networks and critical systems are cyber secure,” Thierry Breton, Commissioner for the Internal Market, stated. He noted that cybersecurity is a shared responsibility that requires “we work collectively in preparing and implementing rapid emergency response plans.”
The CyCLONe Network will ensure that information flows more efficiently between different cybersecurity structures, enabling Member States to better coordinate national response strategies and impact assessments. Yesterday’s exercise was a follow-up to the Commission’s recommendation in its “Coordinated Response to Large Scale Cybersecurity Incidents and Crises”, the blueprint adopted in 2017.
The EU Cybersecurity Act
On 27 June 2019, the EU Cybersecurity Act entered into force, revamping and strengthening ENISA’s role. This set the cybersecurity agency on a new course, giving it a permanent mandate along with increased responsibilities and resources. A key outcome of this was the European cybersecurity certification framework, which established the governance and rules for EU-wide certification of ICT products, processes and services.