ENISA actively contributes to cooperative preparedness among Member States and response at the EU level through facilitating common and effective situational awareness. In doing so, the Agency works to improve preparedness and effective incident response and cooperation among Member States and EU institutions, as well technical, operational and political actors during incidents or cyber crises.
Cooperative mechanisms include cross-layer and cross-border information exchange between all operational actors in the EU in the event of large-scale cross-border cybersecurity incidents or crises. Overall, the Agency monitors, collects, analyses and disseminates, relevant, timely and quality information about cybersecurity incidents and threats to enhance intelligence, prevention and response. Aiming to boost situation awareness, ENISA provides operational risk evaluation and guidance by analysing the impact and nature of threats and incidents in the single market.
CSIRTs Network and EU -Cyclone
ENISA ensures information flow between the computer security incident response teams (CSIRTs) Network, the European cyber crisis liaison organisation network (EU-CyCLONe), the Inter-Institutional Cyber Crisis Task Force and collaborates with other EUIBAs services such as the Cybersecurity Service for the Union entities (CERT-EU), the European Cybercrime Centre (EC3) set up by the Europol, the European External Action Service (EEAS), including the EU Intelligence and Situation Centre, and DG Communications Networks’ Cyber Coordination Task Force Unit. Along with assistance provided through analyses and advice to the European Commission and the relevant bodies, ENISA is also contributing to the Integrated Situational Awareness Assessment (ISAA), when the integrated political crisis response (IPCR) mechanism is activated.
In line with Articles 7 and 9 of the Cybersecurity Act, ENISA is tasked to prepare a regular in-depth EU Cybersecurity Technical Situation Report, also known as the Joint Cyber Assessment Report (JCAR). Additionally, ENISA produces regular weekly open-source intelligence reports, a joint rapid report with CERT-EU and other ad hoc reports as needed to enhance security awareness.
Cyber Partnership Programme
In the situational awareness field, ENISA also manages the Cyber Partnership Programme and the use of information exchange with security vendors and non-EU cybersecurity entities.
OpenCSAM
Towards providing timely and accurate cyber situational awareness not only to ENISA but to other EUIBAs and to the Member States, ENISA has developed and operates an AI-enabled ‘Open Cyber Situational Awareness Machine’ (OpenCSAM), that processes daily amounts of data and provides aggregated and up to date information with regards to cyber threats.