Awareness Training - Save 60% on Yearly Plan.
Prices
Book Demo

Article 16

European cyber crisis liaison organisation network (EU-CyCLONe)

1.   EU-CyCLONe is established to support the coordinated management of large-scale cybersecurity incidents and crises at operational level and to ensure the regular exchange of relevant information among Member States and Union institutions, bodies, offices and agencies.

2.   EU-CyCLONe shall be composed of the representatives of Member States’ cyber crisis management authorities as well as, in cases where a potential or ongoing large-scale cybersecurity incident has or is likely to have a significant impact on services and activities falling within the scope of this Directive, the Commission. In other cases, the Commission shall participate in the activities of EU-CyCLONe as an observer.

ENISA shall provide the secretariat of EU-CyCLONe and support the secure exchange of information as well as provide necessary tools to support cooperation between Member States ensuring secure exchange of information.

Where appropriate, EU-CyCLONe may invite representatives of relevant stakeholders to participate in its work as observers.

3.   EU-CyCLONe shall have the following tasks:

(a)

to increase the level of preparedness of the management of large-scale cybersecurity incidents and crises;

(b)

to develop a shared situational awareness for large-scale cybersecurity incidents and crises;

(c)

to assess the consequences and impact of relevant large-scale cybersecurity incidents and crises and propose possible mitigation measures;

(d)

to coordinate the management of large-scale cybersecurity incidents and crises and support decision-making at political level in relation to such incidents and crises;

(e)

to discuss, upon the request of a Member State concerned, national large-scale cybersecurity incident and crisis response plans referred to in Article 9(4).

4.   EU-CyCLONe shall adopt its rules of procedure.

5.   EU-CyCLONe shall report on a regular basis to the Cooperation Group on the management of large-scale cybersecurity incidents and crises, as well as trends, focusing in particular on their impact on essential and important entities.

6.   EU-CyCLONe shall cooperate with the CSIRTs network on the basis of agreed procedural arrangements provided for in Article 15(6).

7.   By 17 July 2024 and every 18 months thereafter, EU-CyCLONe shall submit to the European Parliament and to the Council a report assessing its work.

Frequently Asked Questions

The European Cyber Crisis Liaison Organisation Network (EU-CyCLONe) was set up to help European countries manage cybersecurity incidents together, ensuring better coordination during large-scale cyber crises and allowing countries and EU bodies to share important information regularly, enhancing overall cybersecurity resilience and preparedness across all member states and EU institutions.
EU-CyCLONe mainly includes representatives from each EU country’s cyber crisis management authority, plus the European Commission when cybersecurity incidents significantly affect critical services, while the EU’s cybersecurity agency ENISA supports by managing secretariat functions; additionally, other key stakeholders can sometimes be invited as observers if necessary to help address specific cybersecurity concerns or incidents.
EU-CyCLONe focuses on improving Europe’s readiness for major cyber crises, building shared understanding of ongoing emergencies, helping assess their impacts, suggesting actions to reduce damage, coordinating responses effectively across member states, supporting quicker decision-making at political levels, and reviewing national cybersecurity response plans when requested by countries involved in cyber incidents.
EU-CyCLONe regularly cooperates and shares findings with the Cooperation Group and the European Parliament, also partnering closely with the network of Computer Security Incident Response Teams (CSIRTs) through clearly defined procedures; these arrangements help ensure effective, well-coordinated responses to cyber threats, enhancing Europe’s collective cybersecurity efforts.

NIS2 Training

Start Training

Book Demo

We will get back to you via email as soon as possible.