The European Union Agency for Cybersecurity (ENISA) conducted Cyber Europe 2024, focusing on strengthening the EU energy sector’s resilience to cyberattacks. This large-scale exercise revealed significant vulnerabilities, including 32% of energy sector operators lacking SOC-monitored OT processes and only 52% integrating OT and IT under a single SOC. These findings highlight the urgent need for increased cybersecurity investment in this critical sector.
The simulated crisis involved cyber threats to the EU’s energy infrastructure, stemming from fictitious geopolitical tensions and advanced persistent threat (APT) groups. The exercise required participants to swiftly coordinate actions to prevent a large-scale attack that could have destabilized the European economy and political landscape. The scenario included propaganda efforts aimed at influencing public opinion and exploiting vulnerabilities.
Over two days, the exercise engaged 30 national cybersecurity agencies, several EU bodies, and over 1,000 experts. The participants worked to enhance their crisis management and coordination skills, ensuring business continuity amidst simulated large-scale cyber incidents. The event underscored the importance of collaborative efforts in safeguarding critical infrastructure across Europe.
ENISA will analyze the exercise outcomes and compile an after-action report to guide future improvements. Juhan Lepassaar, ENISA’s executive director, emphasized the necessity of constant readiness to protect critical infrastructure, stating that Cyber Europe 2024 demonstrated a strong commitment to advancing preparedness and response capabilities within the EU.
Reference:
