On Friday 1 April, the ambassadors of the 27 Member States to the EU took part in the final part of the large-scale cyber attack simulation exercise that had been conducted since 8 January 2022 (see EUROPE 12890/12). This exercise should have been finalised by the end of February, but the Russian invasion of Ukraine disrupted the agenda.
On the occasion of this last step, the European External Action Service noted the options for additional diplomatic measures available in the cyber diplomacy toolbox. The European Commission, for its part, took stock of the tools at its disposal to collaborate and Member States were tasked with “exploring the full range of measures in response to the cyber attack”. Emphasis was also placed on the assistance that can be provided to Member States affected by a cyber attack.
In the previous phase, the Member States had, among other things, carried out an assessment of developments in February and considered the contributions made by the Cyber Crisis Liaison Organisation Network (‘CyCLONe’) and the EU’s Integrated Political Crisis Response arrangements (IPCR).
Following this exercise, the French Presidency of the EU Council, the EEAS and ENISA will prepare an ‘after action report’ presenting the lessons learned from the exercise since its inception.
See the document (in French): https://aeur.eu/f/13s (Original version in French by Thomas Mangin)