'Cyber Europe 2010'; Cyber Security Exercise With 320 'Incidents' Successfully Concluded

By Enisa - European Network And Information Security Agency, PRNE
Thursday, November 4, 2010

BRUSSELS and HERAKLION, Greece, November 5, 2010 - The first ever, pan-European "Cyber Europe 2010" exercise ended
successfully yesterday. More than 150 experts from 70 public bodies around
Europe participated in the exercise. They were exposed to more than 320
incidents, or 'injects'. The exercise was a first key step for strengthening
Europe's cyber defense. The key challenge now is for the Member States to
implement the identified 'lessons-learnt' during the exercise. The Agency
also advocates that all Member States in Europe should consider conducting
national exercises as to improve its Critical Information Infrastructure
Protection (CIIP).

The exercise revealed a number of points where improvement in
communication channels and procedures could be made. The Executive Director
of ENISA, Dr Udo Helmbrecht commented:

'This was a first key step for strengthening Europe's cyber protection.
Each mistake and error made were useful 'lessons-learnt'; that is what
exercises are for. Now, the challenge is for the Member States to analyse and
properly implement these findings, of how to improve the communication
channels and procedures. Both internally within a Member State, and in
between Member States, across Europe, as to strengthen our common

    The objectives of the exercise were:

    - To establish trust in between actors within the Member State, and
      between the Member States (MS)
    - To increase understanding of how management of incidents is done in
      different MS across Europe.
    - To test the communication channels, communication points and procedures
      in the MS/between MS.
    - To highlight interdependencies between MS across Europe.
    - To increase mutual support procedures during incidents or massive cyber

Participating were 22 Member States as players and 8 Member States as
observers. In all, ca 50 persons were present in the Exercise Control Centre,
situated in Athens, being exposed to more than 320 security so called
'injects' related to the availability of internet and corresponding critical
online services. Across Europe in the participating Member States 80 more
persons were acting upon the instructions of the national moderators in
Athens. The nationally based players may have contacted further others in
their Member States. Typical profiles of players were Computer Emergency
Response Teams, Ministries, National Regulatory Authorities etc.

Cyber Europe 2010 is organised by EU Member States and jointly supported
by the European Network Security Agency (ENISA) (www.enisa.europa.eu/)
and the EU's Joint Research Centre (JRC) (

    Next steps

    - On 10th November, the Agency will make a media briefing in Berlin, at
      the Commission Representation (
      ec.europa.eu/deutschland/press/index_de.htm), providing more
      information and draft conclusions about the outcome of the exercise.
    - The exercise will be evaluated in depth. There will also be evaluations
      made at national levels. These will later be fed into an accumulated
      public, EU-wide report, of the exercise. The full report is anticipated
      to be published in the beginning of next year, i.e. early 2011.

Link to FAQs (
www.enisa.europa.eu/media/news-items/faqs-cyber-europe-2010-final )
(full details re scope, objectives, background etc).

Link to Commission press release (

(Due to the length of this URL, it may be necessary to copy and paste
this hyperlink into your Internet browser's URL address field. Remove the
space if one exists.)

Link to CYBER EUROPE 2010 logo (
high resolution.


For interviews or further details: Ulf Bergstrom, Spokesman, ENISA, press at enisa.europa.eu, Mobile: +30-6948-460-143

will not be displayed