National Security Department of Presidency of the Government coordinates participation of companies and institutions in largest cyber-security exercise ever carried out in Europe

News - 2016.10.19

The Cyber Europe 2016 Exercise, organised every two years by the European Union Agency for Network and Information Security (ENISA), is the largest and most extensive exercise of this nature ever carried out by the European Union. Spain, under the coordination of the National Security Department, has taken part in the events in 2010, 2012, 2014 and 2016.

This year, the Cyber Europe 2016 Exercise took place on 13 and 14 October, with the participation of more than 300 institutions and companies from 28 Member States, plus Switzerland and Norway, with the aim of boosting cooperation at all levels within the framework of crisis resolution in the field of cyber-security.

At a national level, 11 companies have taken part from the financial sector and from the security in information and communication technologies sector, as well as the following State institutions:

National Security Department (Single Point of Contact)
Joint Cyber-Defence Command (Ministry of Defence)
National Centre for the Protection of Critical Infrastructures (Ministry of Home Affairs)
INCIBE (Security and Industry Emergency Response Teams - CERTSI)

During the course of the exercise, the participants tested their capabilities in regard to resolving cyber-security emergencies, fostering public-private collaboration and the exchange of information. This was carried out within the framework of the procedures to manage and coordinate cross-border incidents contained in the European Union Directive on Security of Network and Information Systems (better known as the NIS Directive).

ENISA, the European Commission and Member States are stepping up cooperation at an EU level in resolving cyber-security crises. The future management of cyber-crises in Europe, which is being planned at present by the European Commission, includes the drafting of a cooperation plan for these situations and the development of a cyber-crisis management platform. The ENISA exercises offer a singular opportunity to test out new developments, prepare for the future and step up cooperation on the issue of cyber-security at an EU level.

Next steps

EnisaENISA and Member States will analyse the results of Cyber Europe 2016. The specific lessons learned will be shared among the participants in the exercise with the aim of drawing up a list of actions to improve cyber-security in Europe. It is hoped that many of the conclusions of the exercise will be useful in the application of the NIS Directive and the work of the CSIRT Network, together with the European cybernetic cooperation platform.

Following these activities, a report will be published containing the main conclusions, which will be made available in early 2017. Cyber Europe will continue in 2018, although a number of smaller-scale exercises are due to be carried out in the meantime.