Technical Incidents Development for Cyber Exercises

Deadline: Dec 16, 2016

Negotiated procedure - maximum budget €40.000

The subject of this contract is based on the ENISA Work Programme 2017 - "Output O.4.1.3 – Support activities for Cyber Exercise Planning and Cyber Crisis Management”.

ENISA is dedicated to enhance the level of cybersecurity preparedness of EU and EFTA Member States and EU Institutions. In this context, ENISA organises several cybersecurity and crisis preparedness exercises, such as the Cyber Europe (Cyber Europe 2010, -12, -14 and 16) and the EuroSOPEx series. These exercises are a combination of technical cyber security, business continuity and crisis management based on scenarios, which are realistic, serious and relevant considering the cybersecurity threats faced by EU/EFTA Member States. The technical parts in ENISA’s exercises consist mostly of realistic incidents that require deep knowledge of advanced types of cyber security attacks, defence and forensics in order to be fully resolved. Realism is a key element of the technical incidents that need to be resolved in order to train players’ skills that could be applied on real-world operations. Technical incidents in ENISA’s exercises could be of any type ranging from passive post-incident forensics analysis to active simulations of penetration testing or capture the flag type of incidents. The goal of this contract is to support ENISA in developing a number of realistic cybersecurity scenarios and the relevant technical incidents based on real cases, such as attack traces, digital evidence and vulnerable applications, as well as to develop standalone contests like capture the flag quests to supplement and gamify the exercise experience.

If you are interested to be invited to participate in the tender then please register.