- Acquire an overview of the level of resilience (in terms of policies adopted, available capabilities and skills) of election systems across the EU, including an assessment of the level of awareness among other stakeholders (e.g. political parties, electoral campaign organisations and suppliers of relevant IT equipment);
- Enhance cooperation between relevant authorities at national level (including elections authorities and other relevant bodies and agencies, such as cybersecurity authorities, Computer Security Incident Response Teams (CSIRTs), the Data protections Authority (DPA), authorities dealing with disinformation issues, cybercrime units, etc.);
- Verify EU Member States’ capacity to adequately assess the risks related to the cybersecurity of European elections, promptly develop situational awareness and co-ordinate communication to the public;
- Test existing crisis management plans as well as relevant procedures to prevent, detect, manage and respond to cybersecurity attacks and hybrid threats, including disinformation campaigns;
- Improve cross-border cooperation and strengthen the link with relevant cooperation groups at EU level (e.g. Election Cooperation Network, NIS Cooperation Group, CSIRTs Network) in order to improve the capacity to respond in a coordinated manner in the event of cross-border cybersecurity incidents;
- Identify all other potential gaps as well as adequate risk mitigation measures which should be implemented ahead of the European Parliament elections.
Background
In September 2018 the European Commission announced a set of concrete measures to address potential threats to elections, including a recommendation of the European Commission on election cooperation networks, online transparency, fighting disinformation campaigns and protection against cybersecurity incidents.
In line with this European Commission recommendation, a European Cooperation Network on elections has been established. This network has already met three times in Brussels to discuss necessary actions to address potential threats to the elections and thereby strengthen the resilience of the European Union’s democratic systems. One of the actions that this network decided to pursue was the organisation of a table-top exercise to test EU’s cybersecurity preparedness to ensure secure, free and fair EU elections 2019.
Friday’s cybersecurity test also goes hand-in-hand with the Action Plan against disinformation that the European Union adopted last December to build up capabilities and strengthen cooperation between Member States and EU institutions to proactively address the threats posed by disinformation.
Edited by Bouli Hadjioannou
