National Cyber Security Centre (NCSC) participates in the seventh edition of Cyber Europe
From Department of the Environment, Climate and Communications
Published on
Last updated on
From Department of the Environment, Climate and Communications
Published on
Last updated on
The National Cyber Security Centre (NCSC) last week participated in the seventh edition of Cyber Europe, one of the largest cyber security exercises in Europe. The exercise is organised by ENISA, the European cyber security agency, and focused on challenging the resilience of the European energy sector and data centre service providers.
The focus on the energy sector arises from its role as a supplier of critical national infrastructure. It plays a crucial part in the daily life of citizens across Europe, as well as within its economy and, as a result, it is particularly susceptible to cyber threats and attacks. ENISA has highlighted that in 2023 over 200 reported cyber incidents targeted the sector.
The aim of the exercise was to test the preparedness of the organisations, as well as their procedures and protocols established for such an incident. It also allowed the NCSC to test its capabilities, and examine both the National Cyber Emergency Plan and our lines of communication within the overarching European structure. Such a large-scale exercise assists in ensuring that the government, state agencies and relevant stakeholders are prepared to effectively respond to a large-scale cyber incident impacting critical national infrastructure.
Such cyber exercises (including annual national-level ones, and large-scale ones such as Cyber Europe and Locked Shields) are part of ongoing routine, contingency planning at government level, and are crucial to ensure a coordinated response to incidents. Colleagues (from amongst others) Gas Networks Ireland, BT, the ESB, the Commission for Regulation of Utilities (CRU) also took part in the exercise, allowing them to test their robust procedures that were instigated in response to the exercise within their respective organisations.
This year’s Cyber Europe exercise focused on a scenario that involved cyber threats targeting the EU energy infrastructure deriving from friction caused by geopolitical tension between the European Union and a fictitious foreign nation. With propaganda swaying public opinion and concerns about APTs (Advanced Persistent Threat) groups exploiting vulnerabilities, the energy sector became a prime target. To prevent a large-scale attack crippling the European economy and destabilising political balance, stakeholders had to swiftly coordinate their actions and response. Thousands of participants throughout the EU had a common challenge, and received hands-on experience in dealing with complex cyber situations.
Speaking after the conclusion of the exercise, the Minister of State with responsibility for cyber security, Ossian Smyth, said:
"I'm delighted the NCSC were able to take part in Cyber Europe once again this year. Such large-scale exercises are important tools in consistently testing the nation’s resilience, and our processes. The scenario outlined a series of escalating cyber incidents in the energy sector, which also affected data centre service providers. It was a complex and challenging reminder of the difficulties associated with responding to and managing such attacks.
"I'd like to thank those who took part with us – including the ESB, BT, Gas Networks Ireland, the CRU, and others from across the energy and data centre provision sectors. This co-operation allowed us to test and coordinate with our partners across the public and private sector, as well explore the resilience of our National Cyber Emergency Plan. It also leaves us better prepared to collaborate during any real-life situations."
The NCSC (National Cyber Security Centre) was founded in 2011 and is an operational, cyber-security unit within the Department of the Environment, Climate and Communications.
The NCSC has three main roles. These are: