BLUE OLEX 2023: Getting Ready for the Next Cybersecurity Crisis in the EU
October 2023 by Marc Jacob
Together with the European Commission under the Spanish Presidency of the EU Council, the European Union Agency for Cybersecurity (ENISA) co-organised and co-hosted the Blue Olex table-top cyber exercise in the Hague, Netherlands
With the upcoming EU elections and cyber threats spreading widely, the EU needs to strengthen its capacities. This was precisely the objective of the Blue Olex exercise to test the preparedness of the European Cyber Crisis Liaison Organisation Network (EU-CyCLONe), the cooperation network for Member States national authorities in charge of cyber crisis management.
Launched in 2020, the EU CyCLONe network was formally established by the NIS2 directive on 16 January 2023.
Roberto Viola, Director General for Communications Networks, Content and Technology (CNECT): ”Cyber crises have no borders and the EU must continue strengthening its capacities especially when it comes to cyber crisis management. I am pleased that the EU-CyCLONe, combining EU and Member States capabilities is testing its resilience and how to act in the case of cyberattacks and large-scale cyber incidents. A stronger cyber response makes the EU a safer continent.”
Juhan Lepassaar, Executive Director of the European Union Agency for Cybersecurity (ENISA) said: “The EU CyCLONe is an invaluable asset. Only a stronger cyber crisis coordination will allow us to best mitigate future large-scale incidents and cross-border crises in the EU.”
The chair of the EU-CyCLONE Network (Spain) said: "Crisis management has been a priority for Spain for years. I would like to remember that the origin of CyCLONe was set up in our country, with the celebration of a Seminar in 2019 in Madrid on Large scale cyber incidents and crisis. The first conclusion was the need to set up an Exercise (BlueOlex) to develop the operational layer. These exercise series allow to test EU preparedness in the event of a cyber-related crisis affecting the EU Member States for strengthening the cooperation between all relevant actors. Since then, CyCLONe has been maturing in its procedures, tools, mechanisms and capabilities, managing to lay its legal foundations in the NIS 2 Directive. The 2023 BlueOlex edition, has again showed us the strong commitment that all Member States, European Commission and ENISA have against threats and challenges that, for sure, we will face in a near future to guarantee a more cyber secure and resilient Europe."
What is the objective of the EU CyCLONe?
The network collaborates and develops information sharing and situational awareness based on the support and tools provided by ENISA, also acting as the CyCLONe Secretariat. The network is chaired in turns by a representative from the Presidency of the Council of the EU.
Formed by the representatives of Member States’ cyber crisis management authorities, the EU CyCLONe intervenes together with the European Commission in case of large-scale cybersecurity incidents likely to have a significant impact on services and activities falling into the scope of the NIS2 Directive.
About Blue Olex ‘23
BlueOlex ‘23 tested the EU preparedness in the event of a cyber-related crisis affecting the EU Member States and to strengthen the cooperation between the national cybersecurity authorities, the European Commission and ENISA. The aim of the exercise is to build a stronger relationship among the cybersecurity community participating in the exercise, increase the situational awareness and share best practices. Finally, it sets the scene for a high-level political discussion, on strategic cyber policy issues, in particular, shaping a coherent framework for crisis management at EU level.
This edition of the exercise gathered high level executives of the 27 Members States’ competent authorities in charge of cyber crisis management and/or cyber policy, the European Commission and the EU Agency for Cybersecurity. It was the opportunity for them to exercise the interaction between the new network and the EU political level and to strengthen trust and collaboration that is key for joint response.
ENISA also supports the organisation of exercises for EU CyCLONe members, such as CySOPex (played by officers) and as in this case BlueOLEx (played by executives). These exercises aim to identify improvements and potential gaps in the standardised way of responding to incidents and crises (i.e. Standard Operating Procedures), train on situational awareness and information sharing processes. EU CyCLONe Members also participated in Cyber Europe 2022 and are gearing up for CySOPex 2023 and Cyber Europe 2024.