Cyber Europe tests the EU Cyber Preparedness in the Energy Sector

Back to News

The 7th edition of Cyber Europe, one of the largest cybersecurity exercises in Europe, organised by the European Union Agency for Cybersecurity (ENISA) challenged the resilience of the EU energy sector.

Cybersecurity has become a growing threat gateway for the EU critical infrastructure sectors, as the number of cyberattacks has largely increased in recent years. In 2023 alone, over 200 reported cyber incidents targeted the energy sector and more than half of them were directed specifically at Europe. The significant role the sector holds for the European economy renders the energy industry particularly susceptible to cyber threats and attacks.  

EU Commissioner for the Internal Market, Thierry Breton visited ENISA premises and the Cyber Europe Exercise room to have a glimpse of how the exercise puts the EU energy infrastructure to the test. He stated: “Cybersecurity is a common priority. In 2023 alone, more than 200 reported cyber incidents targeted the energy sector, and more than half of them were directed specifically against Europe. Cybersecurity threats in critical sectors can have an impact on the everyday life of citizens, but also on businesses and public services throughout the EU. This type of exercise is essential to test our cybersecurity resilience with all key partners if we are to protect EU citizens.” 

The Executive Director of the EU Agency for Cybersecurity, Juhan Lepassaar, stated: ‘The preservation of our critical infrastructure is one of the building blocks of the single market and thus, we have to advance our preparedness and response capacities to protect it. The Cyber Europe exercise is the evidence that we are committed in our efforts to achieve that.’ 

The Network and Information Security (NIS) Investments in the EU report by ENISA found that 32% of operators in the energy sector do not have a single critical Operation Technology (OT) process monitored by a Security Operations Center (SOC). Operational Technology and Information Technology are covered by a single SOC for 52% of operators of essential services in the energy sector. 

Given the importance of the energy sector, this year’s Cyber Europe exercise focused on a scenario that involved cyber threats aiming at the EU energy infrastructure deriving from friction caused by geopolitical tension between the European Union and a fictious foreign nation. With propaganda swaying public opinion and concerns about APTs (Advanced Persistent Threat) groups exploiting vulnerabilities, the energy sector became a prime target. To prevent a large-scale attack crippling the European economy and destabilising political balance, stakeholders had to swiftly coordinate their actions and response. 

The two-day event simulated a series of large-scale cyber incidents. Working together, players honed their coordination and crisis management skills to tackle the challenges posed by the advanced scenarios and ensure business continuity in the face of a crisis. The pan-European exercise brought together 30 national cybersecurity agencies, a number of EU agencies, bodies and networks and over 1000 experts dealing with a range of areas from incident response to decision-making. It is one of the largest cyber exercises organised in Europe and it is powered by ENISA, which celebrates its 20th anniversary in 2024. 

Following the biennial exercise, an analysis on the processes and outcomes will be conducted to gain insights on the weaknesses identified. These findings will be included in the after-action report, which intends to provide guidance and suggestions for further improvement both for the exercise itself but also for strengthening the resilience of the EU energy sector.  

Further Information 

Cyber Europe — ENISA (europa.eu) 

Cyber Europe 2024 — ENISA (europa.eu) 

Energy sector — ENISA (europa.eu) 

EU CyCLONe — ENISA (europa.eu) 

Contact 

For press questions and interviews, please contact press (at) enisa.europa.eu