Cyber Blueprint - Draft Council Recommendation

The Cyber Blueprint should enable relevant Union-actors (meaning Union-level individual entities and networks of entities) to understand how to interact and make the best use of available mechanisms across the full crisis management lifecycle. It aims to explain what a cyber crisis is and what triggers a cyber crisis mechanism at Union level. It explains the use of available mechanisms like the Cybersecurity Emergency Mechanism, including the EU Cybersecurity Reserve, in preparing how to manage, respond to and recover from a crisis arising from a large-scale cybersecurity incident. It furthermore aims to foster a more structured cooperation between civilian and military actors, including cooperation with North Atlantic Treaty Organisation (NATO), given that a large-scale cyber incident affecting Union civilian infrastructure on which the military rely may also activate NATO response mechanisms.

The Cyber Blueprint is a non-binding instrument which identifies specific actions for relevant actors in a cyber crisis and which can enhance the overall effectiveness of the cyber crisis management framework. It updates the blueprint set out in Commission Recommendation (EU) 2017/1584 on coordinated response to large-scale cybersecurity incidents and crises, and it is informed by the outcomes and lessons learned from Union-level exercises since that recommendation was adopted.