Home » Policy Landscape » Cybersecurity » Co-ordinated Response to Large Scale Cyber Incident: The Blueprint

Co-ordinated Response to Large Scale Cyber Incident: The Blueprint

Political Challenges

In the wake of the Wannacry and NotPetya attacks, the package of measures adopted in September 2017 also included a Commission Recommendation on a coordinated response to largescale cybersecurity incidents and crises (‘Blueprint’). The Blueprint applies to cybersecurity incidents which cause disruption too extensive for a concerned Member State to handle on its own or which affect two or more Member States or EU institutions with such a wide-ranging and significant impact of technical or political significance that they require timely policy coordination and response at Union political level.

Its objective is to ensure that Member States and EU institutions can improve their situational awareness, respond effectively and provide consistent public communications using the existing Crisis Response Frameworks on a layered basis, namely at technical,  operational and strategic levels. There is a need for a more coordinated approach to crisis response so that Member States promptly share relevant critical information with each other and also alignment and consistency of messages to the public takes place resulting in containment of the damaging impacts of cyber attacks.

Open files

In the context of NIS Cooperation group under the NIS Directive, Member States are engaged in improving the crisis response framework. A “Cybersecurity Incident Taxonomy” has been developed that describes the cause, impact and outlook of cybersecurity incidents providing all relevant actors with commonly agreed terms and definitions to support their decisions in the context of crisis management. Further work is underway to structure and document cooperation procedures amongst Member States. Spain is leading on the development of procedures for operational level co-operation, while France is to host an exercise for testing the Blueprint.

The Commission is involved in the relevant work of the NIS Co-operation Group. Its role is to encourage Member States to implement the 2017 Recommendation while highlighting the role of exercises in enhancing and streamlining the established crisis response procedures and processes.

New Ideas

The Blueprint plays a role with the NIS Directive notably in regard to the CSIRTs Network, which aims to realise swift and effective operational co-operation at technical level. The emerging MeliCERTes facility gives national CSIRTs concrete means to share information and to cooperate in the EU wide fight against cyber attacks and cyber threats. This suite of tools can be used in exercises to assess the effectiveness of the crisis response framework at technical level.

News

Do you have an innovative business idea that addresses one of M-Sec’s smart city challenges? Are you interested in security and privacy issues of IoT devices and apps? Then apply by 26 August, participate at the M-Sec Online Contest between 9 and 10 September and get the chance to design, develop and present your business idea before a panel of international experts

Future Events

Two H2020 projects: SOCCRATES (https://www.soccrates.eu/) and SAPPAN (https://sappan-project.eu/) jointly organize the NG-SOC 2021 workshop, to be held in conjunction with the 16th International Conference on Availability, Reliability and Security (ARES 2021 – http://www.ares-conference.eu)
August 17 – August 20, 2021, Vienna, Austria

17/08/2021 to 20/08/2021

Do you have an innovative business idea that addresses one of M-Sec’s smart city challenges? Are you interested in security and privacy issues of IoT devices and apps? Then apply by 26 August, participate at the M-Sec Online Contest between 9 and 10 September and get the chance to design, develop and present your business idea before a panel of international experts

06/09/2021 to 10/09/2021