Yesterday, EU Member States, the EU Agency for Cybersecurity (ENISA) and the European Commission (EC) met to test and assess their capacity to respond to a cybersecurity crisis.
Known as Blue OLEx 2020, the exercise, the second of its kind, was organised by the Netherlands, with ENISA’s support, as a key stepping stone towards a finalised set of standardised operating procedures (SOPs). The procedures are being developed within the framework of the NIS Cooperation Group, led by France and Italy. The intention is to achieve a more coordinated information-sharing and incident response mechanism among EU cybersecurity authorities. The NIS Cooperation Group was established under the 2016 Directive on security of network and information systems (the NIS Directive).
According to DIGITAL EUROPE, cyberthreats present a major obstacle to Europe’s path to prosperity. Economic loss due to cybercrime is predicted to reach € 2.5 trillion by 2020, with 74% of the world’s businesses liable to be hacked in the coming year. Currently, only 32% of European businesses have a cybersecurity strategy.
CyCLONe, the cooperation network
Yesterday, EU countries, with the support of ENISA, launched the Cyber Crisis Liaison Organisation Network (CyCLONe) to help ensure a coordinated response should disruptive cyber incidents occur. Overall, CyCLONe addresses the need for strengthened cooperation during major cyber-related crises. The cooperation measures include common situation awareness, coordinated responses and public information.
Juhan Lepassaar, Executive Director of ENISA, summed up the overall approach: “Cyber crises have no borders. The EU Agency for Cybersecurity is committed to support the Union in its response to cyber incidents. It is important that the national cybersecurity agencies come together to coordinate decision-making at all levels. The CyCLONe group addresses this missing link.”
“The new Cyber Crisis Liaison Organisation Network indicates once again the excellent cooperation between Member States and EU institutions in ensuring that our networks and critical systems are cyber secure,” Thierry Breton, Commissioner for the Internal Market, stated. He noted that cybersecurity is a shared responsibility that requires “we work collectively in preparing and implementing rapid emergency response plans.”
The CyCLONe Network will ensure that information flows more efficiently between different cybersecurity structures, enabling Member States to better coordinate national response strategies and impact assessments. Yesterday’s exercise was a follow-up to the Commission’s recommendation in its “Coordinated Response to Large Scale Cybersecurity Incidents and Crises”, the blueprint adopted in 2017.
Member State coordination is in line with NATO’s commitment to enhance the cyber defences of national infrastructures and networks, and with the requirement for uniform Allied security and collective defence, as spelled out in the Enhanced NATO Policy on Cyber Defence, which was adopted in Wales in 2014.
In July 2016, NATO’s “Cyber Defence Pledge” acknowledged its efforts along with those of the EU to enhance cyber security, noting how this “contributes to reinforcing resilience in the Euro-Atlantic region” and pledging to “support further NATO-EU cyber defence co-operation.”
The EU Cybersecurity Act
On 27 June 2019, the EU Cybersecurity Act entered into force, revamping and strengthening ENISA’s role. This set the cybersecurity agency on a new course, giving it a permanent mandate along with increased responsibilities and resources. A key outcome of this was the European cybersecurity certification framework, which established the governance and rules for EU-wide certification of ICT products, processes and services.