In 2019, high level executives of national cybersecurity authorities, the European Commission and ENISA, the EU Agency for Cybersecurity participated in the table-top Blueprint Operational Level Exercise (Blue OLEx) 2019, which underlined the need to implement an intermediate level between the technical and the political ones in the EU cyber crisis management framework.
Thierry Breton, Commissioner for the Internal market, said: “The new Cyber Crisis Liaison Organisation Network indicates once again an excellent cooperation between the Member States and the EU in ensuring that our networks and critical systems are cyber secure. Cybersecurity is a shared responsibility and we should work collectively in preparing and implementing rapid emergency response plans, for example in case of a large-scale cyber incident or crisis.”
Blue OLEx 2020: tabletop exercise and strategic policy discussion
The second edition of the table-top exercise, which this year takes place online, Blue OLEx 2020, is organised by the Netherlands with the support of the EU Agency for Cybersecurity, ENISA on 29 September 2020. The aim of the exercise is to build a stronger relationship among the cybersecurity community participating in the exercise, increase the situational awareness, share best practices. Finally it sets the scene for a high-level political discussion, on strategic cyber policy issues, in particular, shaping a coherent framework for crisis management at EU level.
It gathers high level executives of the 27 Members States’ competent authorities in charge of cyber crisis management and/or cyber policy, the European Commission and the EU Agency for Cybersecurity in charge of cybersecurity and is the opportunity for them to officially launch the Cyber Crisis Liaison Organisation Network (CyCLONe) and explore the interaction between the new network and the political level.
The CyCLONe: a new cooperation network for Member States
The CyCLONe’s aim is to contribute to the implementation of the European Commission’s Blueprint for rapid emergency response in case of a large-scale cross-border cyber incident or crisis and complements the existing cybersecurity structures at EU level by linking the cooperation at technical (e.g. Computer Security Incident Response Team – CSIRTs) and political levels (e.g. Integrated Political Crisis Response – IPCR). By doing so, the CyCLONe will fulfill two fundamental objectives: enabling consultations on national response strategies and coordinated impact assessment on the anticipated or observed impacts of a crisis, to the benefit of policy decision-makers, both at national and EU level.
The CyCLONe – which is the result of the work carried out by a work-stream of the NIS Cooperation Group led by France and Italy – will operate based on agreed operating procedures, relying on appropriate ICT tools for communication and information sharing provided by the EU Agency for Cybersecurity, which serves as the CyCLONe Secretariat. With the support of the European Commission, the network has already established a clear roadmap for the year to come with three key moments contributing to enhance the preparedness of the network: the after action report of Blue OLEx 2020, Cyber Europe 2021 and Blue OLEx 2021.
The lessons learned during Blue OLEx 2020 will feed into supplementing the standard operating procedures of the CyCLONe and shape future exercises.
ABOUT Blue OLEx
Blue OLEx is a high-level event organised each year by one member state and supported by the European Union Agency for Cybersecurity, ENISA, in collaboration with the European Commission. It aims to test the EU preparedness in the event of a cyber-related crisis affecting the EU Member States and to strengthen the cooperation between the national cybersecurity authorities, the European Commission and ENISA.