The Office of the Commissioner of Electronic Communications and Postal Regulation (OCECPR) – Digital Security Authority (DSA), successfully concluded Its Participation in the 8th Pan-European Cyber Crisis Exercise “Cyber Europe 2026”!
On June 10th and 11th, the Office of the Commissioner of Electronic Communications and Postal Regulation – Digital Security Authority, together with organizations from both the public and private sectors, actively participated in Europe’s largest cybersecurity exercise. This year’s exercise focused on the resilience of critical infrastructure in the Transport sector, with particular emphasis on Maritime and Railway systems (for countries with railway networks).
What is “Cyber Europe”?
“Cyber Europe” is a series of large-scale, cross-border cyber crisis management exercises. These exercises feature complex and realistic scenarios inspired by real-world incidents and emerging threats. ENISA develops these exercises in collaboration with European cybersecurity experts.
They simulate large-scale cybersecurity incidents that evolve into cyber crises, with the aim of analyzing complex technical events and testing participants’ ability to manage challenging situations and exchange critical information with their peers and other stakeholders.
“Cyber Europe” brings together leading cybersecurity experts from both the public and private sectors across the EU and EFTA, as well as from other European institutions, agencies, and bodies, with the goal of strengthening their technical and operational capabilities.
During the exercise, our teams were tasked with managing multiple incidents affecting railway and maritime operations, which unfolded simultaneously across all EU Member States. This created a highly complex crisis management environment that required coordinated response and close collaboration among all involved parties.
From a technical perspective, participants had the opportunity to analyze complex incidents—such as ransomware attacks, attacks targeting Operational Technology (OT), and attacks on navigation control and port management systems—and to test their operational plans under high-pressure conditions, in full alignment with the requirements of the NIS2 Directive.
This year’s participation of Cyprus was particularly significant. Within the framework of the Cypriot Presidency of the Council of the European Union, Cyprus, through the Office of the Commissioner of Electronic Communications and Postal Regulation – Digital Security Authority, assumed responsibility for leading the European Cyber Crisis Liaison Organisation Network (CyCLONe), coordinating cooperation among Member States at an operational and political level throughout the exercise.
