First EU Cyber Defence Exercise

EU Defence Ministers participate in “EU CYBRID 2017”, a strategic table-top cyber defence exercise. The exercise, the first of its kind, is organised by the Estonian Presidency of the Council of the European Union, the Estonian Ministry of Defence and the European Defence Agency (EDA). 
 
In the simulation, hackers sabotaged the EU’s naval mission in the Mediterranean and launched a campaign on social media to discredit the EU operations and provoke protests. 
 
Each of the defense ministers tried to contain the crisis over the course of the 90-minute, closed-door exercise in Tallinn that officials sought to make real by creating mock news videos giving updates on an escalating situation. German Defence Minister Ursula von der Leyen said the “extremely exciting” war game showed the need for EU governments to be more aware of the impact of cyber-attacks on critical infrastructure in the EU.
 
EU CYBRID 2017
The objective of EU CYBRID 2017 is to raise awareness of cybersecurity incident coordination at political level and of the potential effects of offensive cyber-campaigns. It focuses on situational awareness, crisis response mechanisms and strategic communication. 
 
Cyber is widely recognised as a major threat in the EU’s Common Security and Defence Policy (CSDP), yet there has been limited attention to EU missions and operations’ resilience. 
 
To address cyber threats in CSDP, Estonia organised in cooperation with the European Defence Agency a strategic table-top cyber-exercise “EU CYBRID 2017” for EU Ministers of Defence during their informal meeting in Tallinn on 7 September 2017. 
“Cyber, the fifth domain of warfare, must be given as much attention as land, air, sea and space. There is no 100% protection in cyber. It is imperative that EU Defence Ministers test their cyber defence mechanisms. The buy-in of Member States is key for the EU to have the necessary skills, technology and capabilities”, Jorge Domecq, Chief Executive of the European Defence Agency, said.
 
The scope of the exercise is crisis response to a major offensive cyber campaign against EU military structures in a hybrid warfare context. The objectives of the exercise are: 
 
• Situational awareness. Use the EU Intelligence and Situation Centre (INTCEN) to ensure a common understanding of the crisis and the impact of hybrid attacks on EU military structures and to give initial assessment/context for the cyber-campaign. 
• Crisis Response. Raise awareness of the instruments available to the EU in to give strategic guidance on the response to a major offensive cyber-campaign against CSDP structures in a hybrid warfare context. 
• STRATCOM. To coordinate initial messages among EU Member States at political level. 
• Cyber defence. Raise awareness on cybersecurity incident coordination at political level and demonstrate potential effects of offensive cyber-campaigns. 
• Trigger discussions at Council level with a view to examine possible measures in response to specific events, drawn from the crisis scenario. 
 
About the Exercise
EU CYBRID 2017 is a table-top cyber exercise focused on strategic choices and considerations at the EU ministerial level. The goal of the exercise is to highlight a number of strategic concerns and topics that arise in connection with any hypothetical cyber crisis. This exercise should serve as a forum for discussion at ministerial level and provide strategic guidance to address future crises. The exercise scenario included an orchestrated cyber-attack campaign against an EU-led military operation affecting both an EU Headquarter in Rome (OHQ Rome) and its subordinated maritime assets. 
Multiple cyber-attacks covering a range of cyber threats combined with other incidents took place over the course of the exercise. The exercise scenario refers to fictitious countries, organisations and operations. 
 
Cyber Defence and the European Defence Agency
Cyber defence is one of the priorities of the EDA’s capability development plan and of the NATO-EU Joint Declaration. A project team consisting of EDA and its participating Member States' representatives is responsible for jointly developing cyber defence capabilities within the EU CSDP, supported by R&T experts. 
 
The Agency’s main focus is on supporting member states in building a skilled military cyber defence workforce and in ensuring the availability of proactive and reactive cyber defence technology. The EDA for example develops, pilots and delivers a variety of cyber security & defence courses and exercises from basic awareness over expert level to decision maker training.
 
European Defence Agency:           Reuters
 
You Might Also Read: 
 
NATO Cyber War Games 2017: Czechs Win:
 
Cybercrime In The EU -  Where Are You Safe?:
 

 

 

 

 
 
 
« The New GDPR Rules Focus On Consumer Protection
In Demand: Cybersecurity Specialists »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

Cyber Security Recruiters

Cyber Security Recruiters

Cyber Security Recruiters is a niche recruiting firm who finds impact players for our clients in the Information Security Space.

Opscura

Opscura

Opscura (formerly Enigmedia) brings the reliable and cautious hands of operations together with the analytical minds of cyber experts and cryptography researchers.

BitSight Technologies

BitSight Technologies

BitSight transforms how companies manage information security risk with objective, verifiable and actionable Security Ratings.

Saudi Federation for Cyber Security and Programming (SAFCSP)

Saudi Federation for Cyber Security and Programming (SAFCSP)

SAFCSP is a national institution under the umbrella of the Saudi Arabian Olympic Committee, which seeks to build national and professional capabilities in the fields of cyber security and programming.

National Accreditation Authority Hungary (NAH)

National Accreditation Authority Hungary (NAH)

NAH is the national accreditation body for Hungary. The directory of members provides details of organisations offering certification services for ISO 27001.

Arkose Labs

Arkose Labs

Arkose Labs' Fraud and Abuse Platform combines Telemetry and adaptive Enforcement Challenges to break down the ROI of fraudsters and protect digital businesses.

Startups.be

Startups.be

Startups.be helps tech entrepreneurs to be successful by providing quality access to service providers, business partners, customers and investors.

CyberNet Albania

CyberNet Albania

Cybernet Albania has been providing IT support and services to small businesses since 2016. We strive to eliminate your IT issues before they cause downtime and impact your operations.

Center for Information Technology Policy (CITP) - Princeton University

Center for Information Technology Policy (CITP) - Princeton University

The Center for Information Technology Policy at Princeton University is a nexus of expertise in technology, engineering, public policy, and the social sciences.

QuantiCor Security

QuantiCor Security

QuantiCor Security is one of the world’s leading developers and manufacturers of quantum computer resistant security solutions for IT infrastructures and the Internet of Things (IoT).

WhizHack Technologies

WhizHack Technologies

WhizHack's mission is to not only create a pipeline of cyber security products but also to empower people to sustainable innovation in securing digital assets of tomorrow.

Apono

Apono

Apono enables DevOps and security teams to manage access to sensitive cloud assets and data repositories in a frictionless and compliant way.

Zerify

Zerify

Zerify offers the industry’s only video conferencing platform built with a zero-trust architecture to keep your meetings secure, private and business compliant.

Armolon

Armolon

Armolon provides comprehensive data breach and cybersecurity, as well cybersecurity audits and certifications, and disaster recovery/business continuity services to clients.

Rootly

Rootly

Rootly is an incident management platform on Slack that helps automate manual admin work during incidents.

Security Compliance Associates (SCA)

Security Compliance Associates (SCA)

The sole focus of SCA is safeguarding critical information and complying with information security regulations.