The Anatomy of National and International Cyber Security Exercises; new report by the EU cyber-security Agency ENISA

Back to News

In its new report, the EU’s ’cyber-security agency’ ENISA (the European Network and Information Security Agency) examines 85 national and international cyber-exercises between 2002 and 2012. The report issues seven recommendations.

Information on national and multinational cyber-exercises was gathered worldwide and analysed in this report. We found that a total of 22 European countries were conducting national cyber-security exercises during the last years.

 The key findings include:

  • Cyber-exercises have increased in numbers recent years; 71% occurred 2010-2012. The reasons are the overall policy context that boosts cyber-exercises, an increased emphasis by EU Member States thereupon, and the increasing threat of cross border cyber incidents and attacks.
  • Cyber-security and cyber crisis cooperation efforts are receiving ever more attention.
  • There is an essential need to intensify public–private cooperation on cyber-exercises, as the ownership of most of the critical information infrastructures lies in private hands.
  • Proper planning, monitoring and evaluation methods are crucial for effective cyber-exercises.

 

Some statistical features show that:

  • 64% of the multinational exercises involved more than 10 countries, 13% involved 6–10 countries and 13% involved 3–5 countries.
  • In 57% of the exercises both the public and private sector participated, while 41% involved only the public sector.
  • Two-thirds of the analysed exercises were national exercises and one-third was multinational exercises. This indicates a tendency for international cooperation, although national security matters usually are domestic concerns.
  • Exercises also generated media footprint for 74% of them, creating national cyber-security awareness.

                                                                       

The seven key recommendations of the report are:

  1. Establish a more integrated global cyber exercise community;
  2. Ensure exchange of good practices on cyber-exercises, including public–private cooperation;
  3. Support development of exercise management tools for better exercise planning, execution and evaluation;
  4. Conduct more complex cyber-exercises at inter-sectorial, international and European levels;
  5. Exercises should be included in the lifecycle of national cyber crisis contingency plans;
  6. Promote the good practices for national exercises, and initiate a step-by-step methodology for  cross-border cyber-exercises;
  7. Develop feedback mechanisms for ensuring that lessons learned from cyber-exercises

 

The Executive Director of ENISA, Professor Udo Helmbrecht, remarked:

The ENISA study shows that a broad consensus exists for cyber-exercises being an essential instrument to assess the preparedness of a community against cyber crises, and to enhance the responsiveness of stakeholders against critical information infrastructure incidents. Based on the report results we will see a growing number of multinational exercises, like our recent Cyber Europe 2012, involving also the private sector.”


Please refer to the full report.


For background:

Critical Information Infrastructure Protection (CIIP) Action Plan, Digital Agenda and the 2011 Communication on CIIP.

Follow the EU cyber-security affairs of ENISA on Facebook, Twitter, LinkedIn YouTube & RSS feeds


For interviews please contact: Ulf Bergstrom, Spokesman, press@enisa.europa.eu or mobile: +30 6948 460 143, or Panagiotis Trimintzios, Exercise Director, panagiotis.trimintzios@enisa.europa.eu