Irish Information Security Forum

Cyber Europe 2022 (CE2022)

Testing the Resilience of the European Healthcare Sector

Source  GOV.IE , ENSIA


The National Cyber Security Centre (NCSC), the Health Service Executive (HSE) and a number of hospitals and pharmaceutical providers have participated in a large-scale European cyber exercise.


Cyber Europe 2022, organised by the European Cyber Security Agency (ENISA), saw participation from 29 countries and over 800 cyber security experts.


ENISA Logo cyber europe 2022 enisa logo


The exercise tested participants’ response to a simulated major cyber-attack on health services and infrastructures in Europe.

Taking place over 2 days the exercise assessed participants’ ability to respond to disinformation campaigns and cyber-attacks targeting European hospital networks. The exercise involved a simulated scenario whereby a cyber-attack escalated into an EU-wide cyber crisis, with the threat of personal medical data being released.


The Executive Director of the EU Agency for Cybersecurity, Juhan Lepassaar, said:

“The complexity of our challenges is now proportionate to the complexity of our connected world. This is why I strongly believe we need to gather all the intelligence we have in the EU to share our expertise and knowledge. Strengthening our cybersecurity resilience is the only way forward if we want to protect our health services and infrastructures and ultimately the health of all EU citizens.”


Commenting on the Cyber Exercise, the NCSC’s Head of Engagement, Joseph Stephens, said:

“The scenario developed by ENISA was realistic, but also complex and challenging. Having dealt with a real-life cyber incident affecting the health sector – during the HSE ransomware attack in 2021 – the NCSC was well placed to deploy a lot of the lessons learned. The scenario, which involved serious attacks across the entire EU, also allowed us to exercise and coordinate with our partners through EU Cyber Crisis Networks, leaving us better prepared to collaborate during any real-life situations.”


A detailed analysis will now take place, following the exercise, to identify any gaps or scope for further capacity-building. The After Action Report findings will serve as a basis for future guidance and further enhancements – to reinforce the resilience of the healthcare sector against cyber-attacks in the EU.

Irish participation
The Irish organisations that participated in this ‘Cyber Europe’ exercise were the: National Cyber Security Centre (NCSC); Department of Health; Health Service Executive (HSE); Mater Misericordiae University Hospital; St James’s Hospital; National Ambulance Service; Irish Blood Transfusion Service (IBTS); St Vincent's Healthcare Group; and Marken.



> ENISA CE2022 press release June 09, 2022
enisa press release cyber europe 2022





Contact IISF


If you are interested in finding out more about the IISF, or would like to attend one of our Chapter Meetings as an invited guest, please contact the
IISF Secretary:

By email:

By post:

C/O David Cahill

An Post

Information Security
GPO, 1-117
D01 F5P2

Enhance your Cybersecurity knowledge and learn from those at the coalface of information Security in Ireland

secured by edgescan digital security radar

© iiSf. All rights reserved. CRN: 3400036GH  - Privacy Statement  - ISRef  - Sponsorship  - Produced by
LinkedIn Twitter