The European Union Agency for Cybersecurity (ENISA) releases the after action report of the 2022 edition of Cyber Europe, the cybersecurity exercise testing the resilience of the European Healthcare sector.
The after action report compiles the information around the Cyber Europe exercise organised by ENISA earlier this year and serves the purpose to identify potential challenges and to suggest recommendations.
Participants successfully tested the EU-level technical and operational cooperation mechanism during cyber crises. They also tested the incident response and resilience plans at local levels. The exercise also allowed stakeholders to be trained on technical capabilities.
By engaging into these activities, participants benefited from a high-level engagement on the different aspects of cooperation needed to address the issues presented in the scenario developed.
An in-depth analysis of the findings were shared with the planners which is expected to result in the improvement of procedures, communication and coordination processes already in place at local, sectoral, national, cross-border and EU-wide levels.
This is why such exercises are positively welcomed by participants who are given the chance to perform practical testing and to train in the process, developing expertise in cybersecurity and crisis management skills in doing so. Participating stakeholders joined in the efforts to identify gaps and development points to further improve the cybersecurity posture of the health sector.
It emerged from the analysis that allocating commensurate budget and resources to cybersecurity teams within health organisations is key to ensure the cybersecurity resilience needed in the health sector. Regular testing at local level also emerged as a recommended best practice.
About Cyber Europe 2022
The pan-European exercise organised by ENISA featured a disinformation campaign of manipulated laboratory results and a cyber attack targeting European hospital networks. The scenario provided for the attack to develop into an EU-wide cyber crisis with the imminent threat of personal medical data being released and another campaign designed to discredit a medical implantable device with a claim on vulnerability.
More than 900 cybersecurity experts were in action to monitor the availability and integrity of the systems over the two days of this latest edition of Cyber Europe. With 29 countries represented from both the European Union and the European Free Trade Association (EFTA), the event included the participation EU agencies and institutions, including ENISA, the European Commission, the CERT of EU Institutions, bodies and agencies (CERT-EU), Europol and the European Medicine Agency (EMA).
About Cyber Europe exercises
‘Cyber Europe’ exercises are simulations of large-scale cybersecurity incidents that escalate to EU-wide cyber crises. The exercises offer opportunities to analyse advanced cybersecurity incidents, and to deal with complex business continuity and crisis management situations.
ENISA already organised five pan-European cyber exercises in 2010, 2012, 2014, 2016 and 2018. The event usually takes place every two years. However, the 2020 edition was cancelled due to the COVID-19 pandemic. The next Cyber Europe will take place in 2024 and the first planners meeting has taken place to prepare the next edition.
International cooperation between all participating organisations is inherent to the gameplay, with most European countries participating. It is a flexible learning experience: from a single analyst to an entire organisation, with opt-in and opt-out scenarios and where the participants can customise the exercise to their needs.
Further information
Cyber Europe 2022 – After Action Report
Cyber Europe 2018 – After Action Report
Contact
For press questions and interviews, please contact press (at) enisa.europa.eu