The interim findings and recommendations of EU Member States participants of the 1st Pan-European Cyber Security Exercise indicate that Cyber Europe 2010 was a useful cyber stress test for Europe’s public bodies. The full report is to be published at the beginning of 2011.
Some of the interim findings and recommendations of Member States (MS) participants include:
- The exercise fully met its objectives. The scenario was well balanced between technical and communication requirements.
- There is a lack of pan-European preparedness measures to test. This reflects the fact that many Member States are still refining their national approaches.
- Incident handling in Member States varies a lot due to the different roles, responsibilities and bodies involved in the process. The Member States had difficulties in fully grasping how incidents are managed in other MS.
- There is no need for creating a new pan-European directory of contacts. The existing ones are sufficient but need to be updated and completed regularly.
- ENISA’s role in organizing and managing future exercises is highly recommended by MS.
- Member States support future pan-European exercises, but more time should be allocated to plan and execute the exercise.
These interim findings and recommendations are only reflecting the initial discussion with MS during the debriefing, and will be followed by a thorough analysis of the status reports, the logs, etc.
Brian Honan, founder and head of Ireland’s first CERT team comments: “Given that our infrastructure and economies are now so tightly intertwined and dependent on each other, I am very happy to finally see such an exercise taking place within the EU. As a first test it appears to have been successful, if for nothing else for each member state taking part to learn who their counterparts are in other states and how to contact them. Hopefully this will be the first of many such tests with each one improving the overall security of the EU.”
“It is worrying though to think that for many member states this is the first time they have tested their country’s cyber defences. So ENISA should be congratulated on not only running a successful exercise but for also ensuring that each member state has given some thought to their defences. Hopefully this will lead to better cyber defences for the EU, its member states, its economy and the citizens of the EU,” Honan added.