Thursday, November 11, 2010

Europe - Report calls for improved cyber-security following stress tests

[prnewswire] The interim findings and recommendations of EU Member States participants of the 1st Pan-European Cyber Security Exercise indicate that 'CYBER EUROPE 2010' was a useful 'cyber stress test' for Europe's public bodies. Member States are very keen to continue their efforts in the area of national and pan-European exercises. They also agreed on the importance of involving the private sector in further exercises and exchanging lessons learnt with other national or international exercises.

Supporting EU-wide cyber-security preparedness exercises is one of the priorities of EU policies, in particular of the Digital Agenda for Europe

The Executive Director of ENISA, Dr Udo Helmbrecht commented on the interim conclusions:

"The CYBER EUROPE 2010 exercise was the first successful 'cyber stress test' for Europe. It fully met its objectives to test Europe's readiness to face online threats to essential critical infrastructure used by citizens, governments and businesses. We will work closely with Member States to identify and implement the lessons learnt from this exercise. We also encourage Member States to continue their efforts in the area of exercises, both at national and pan European levels. ENISA will strongly support their efforts."

Some of the interim findings and recommendations of Member States (MS) participants include:

- The exercise fully met its objectives. The scenario was well
balanced between technical and communication requirements.

- Exchanging 'lessons-learnt' with other (national or
international) exercises would be useful.

- The private sector should be part of the next pan-European

- There is a lack of pan-European preparedness measures to
test. This reflects the fact that many Member States are still refining
their national approaches.

- The exercise was only the first step towards building trust
at pan-European level. More co-operation and information exchange is

- Incident handling in Member States varies a lot due to the
different roles, responsibilities and bodies involved in the process.
The Member States had difficulties in fully grasping how incidents
are managed in other MS.

- There is no need for creating a new pan-European directory
of contacts. The existing ones are sufficient but need to be updated
and completed regularly.

- ENISA's role in organising and managing future exercises is
highly recommended by MS.

- Member States support future pan-European exercises, but
more time should be allocated to plan and execute the exercise.

These interim findings and recommendations are only reflecting the initial discussion with MS during the debriefing, and will be followed by a thorough analysis of the status reports, the logs, etc.

Interim Findings of CYBER EUROPE 2010, the First Pan-European Cyber Security Exercise; a Successful 'Cyber Stress Test' for Europe

No comments: