Realistic crisis simulations are the backbone of cyber preparedness – ENISA plays a role in EU cyber preparedness

Many thanks to the great folks at ENISA, who have sponsored my writing for the past week.

Regular readers of this blog will be more than familiar with the myriad of cyber threat and vulnerabilities which internet users are unknowingly faced with on a daily basis. But recently, the topic of cybersecurity has been dominating the headlines of more than just tech-focused outlets. From concerns about the targeting of critical infrastructure, to increasingly-substantiated accusations around nation-state hacking of electoral systems, cybersecurity is no longer a niche topic, but a matter for far wider public concern.

With this in mind, it is essential that Europe be as prepared as possible to mitigate ever-evolving cyber threats. They say there’s no substitute for experience – but that doesn’t mean learning on the job. Instead of waiting for the next cyber crisis to strike just so we can learn lessons, we prefer another motto: practice makes perfect.

Realistic crisis simulations are the backbone of cyber preparedness efforts. With just enough unknown variables to keep participants on their toes, without actually jeopardising their operations, a cyber exercise allows security experts to test their capacity for problem-solving, troubleshooting and crisis management in a realistic timeframe but a non-hostile environment.

We need the practice. Europe’s economic welfare is increasingly rooted in its provision and exploitation of digital services. This provides massive opportunities for growth, job creation and social prosperity. But it also makes us a prime target for cyber criminals looking to perform industrial reconnaissance, tamper with customer data, manipulate stock markets, or even sabotage critical infrastructures.

At the EU Agency for Network and Information Security (ENISA), we want as many people as possible to get this practice in. That’s why, every two years, we organise the EU’s largest and most comprehensive cybersecurity exercise, Cyber Europe.

The latest edition of this event, held in October 2016, brought together over 300 organisations and 700 technical experts to test how ready they would be if a major cybersecurity incident were to strike. These included Members States’ cybersecurity agencies, EU institutions and national ministries, and cybersecurity experts from internet, telecoms and cloud service providers. All were focused on securing Europe’s digital defences within a fictional scenario which unfolded across six months and culminated in the largest, most realistic and most comprehensive such exercise to date.

This time around, our scenario had all the hallmarks of a Hollywood blockbuster – the sudden disabling of Internet services continent-wide and a city-wide blackout, a spate of confidential data leaks and data centre fires, rumours of a shadowy organisation attempting to undermine the EU’s digital economy. But given recent headlines, perhaps this prospect isn’t so far-fetched after all. Effective cybersecurity demands constant vigilance for new threats and modes of attack. Exercises which give Europe’s foremost cybersecurity professionals a chance to analyse complex incidents and rehearse appropriate response measures are essential.

Equally important is the ability to translate learnings into concrete actions. The outcomes from every exercise are analysed with a view to establishing next steps which can be taken to further improve Europe’s overall cybersecurity – these will be released on our website in July.

If you’re interested in sponsoring my site for a week, and reaching an IT-savvy audience that cares about cybersecurity, you can find more information here.