A first joint cyber security exercise – Cyber Atlantic 2011 – between the European Union (EU) and the US, with the support of the EU’s Network and Information Security Agency (ENISA) and the US Department of Homeland Security, was held on 03 November 2011.
The exercise aims to ‘tackle new threats to the global networks upon which the security and prosperity of our free societies increasingly depend.’
ENISA’s role involves supporting EU Member States in organising cyber security exercises and formulating national contingency plans, with good practice guides and seminars.
The day-long table-top exercise used simulated cyber-crisis scenarios to explore how the EU and US would engage each other and cooperate in the event of cyber-attacks on their critical information infrastructures.
In the first scenario, a targeted stealthy cyber-attack (Advanced Persistent Threat – APT) attempts to exfiltrate and publish online, secret information from EU Member States’ cyber security agencies. The second simulation focuses on the disruption of supervisory control and data acquisition (SCADA) systems in power generation infrastructures.
Cyber Atlantic 2011 is part of an EU-US commitment to cyber security which was made at the EU-US summit in Lisbon on 20 November 2010.
More than 20 EU Member States are involved in the exercise, 16 of them actively playing, with the European Commission providing high-level direction.