On the 3rd and 4th of June 2019, ENISA organized in Athens, Greece, a conference on Artificial Intelligence in the EU cyber crisis blueprint context under the title ‘ Artificial Intelligence-An opportunity for the EU cyber-crisis management’.
ENISA serves as the CyCLONe Secretariat boosting cooperation among national Cyber Crises Liaison Organisations
The EU-CyCLONe - European cyber crisis liaison organisation network, is a cooperation network for Member States national authorities in charge of cyber crisis management. The network was launched in 2020 and formalized on 16th of January 2023 with entrance into force of NIS2 art 16.
The aim is to collaborate and develop timely information sharing and situational awareness based on tools and support provided by the EU Agency for Cybersecurity, which serves as the CyCLONe Secretariat. The Chair is a representative of the MS holding the Presidency of the Council of the EU.
EU-CyCLONe is composed of the representatives of Member States’ cyber crisis management authorities as well as, in cases where a potential or ongoing large-scale cybersecurity incident has or is likely to have a significant impact on services and activities falling within the scope of this Directive, the Commission. In other cases, the Commission shall participate in the activities of EU-CyCLONe as an observer.
The main tasks of EU CyCLONe are to:
- Support the coordinated management of large-scale cybersecurity incidents and crises at operational level and to ensure the regular exchange of relevant information among Member States and Union institutions, bodies, offices and agencies;
- Increase the level of preparedness of the management of large-scale cybersecurity incidents and crises;
- Develop a shared situational awareness for large-scale cybersecurity incidents and crises;
- Assess the consequences and impact of relevant large-scale cybersecurity incidents and crises and propose possible mitigation measures;
- Coordinate the management of large-scale cybersecurity incidents and crises and support decision-making at political level in relation to such incidents and crises;
- Discuss, upon the request of a Member State concerned, national large-scale cybersecurity incident and crisis response plans.
ENISA provides the Secretariat, infrastructures and tools to enable effective cooperation to respond to large scale and cross-border cyber incidents, attacks and crisis.
ENISA also supports the organisation of exercises for CyCLONe members, such as CySOPex (played by officers) and BlueOLEx (played by executives). These exercises aim to identify improvements and potential gaps in the standardised way of responding to incidents and crises (i.e. Standard Operating Procedures), train on situational awareness and information sharing processes.