Update Study on the Development of a European Cyber Defence Centre
An update to the study on an EU Cyber Defence Centre for Common Security & Defence Policy crisis management operations helped inform a number of work and policy initiatives and contributed to the launch of the cyber education, training, exercise and evaluation platform at the European Security and Defence College.
The European Union (EU) is facing many complex security and defence challenges that no individual member state can meet on its own. A significant part of the EU’s cyber defence and cybersecurity strategy is the development of capabilities for cyber defence.
In 2013-2014, a consortium group, led by RAND Europe, conducted a study for the European Defence Agency (EDA) mapping out cyber defence training needs in Europe and exploring the concept and feasibility of an EU Cyber Defence Centre. Recently, there have been efforts taking place to build capability within the current cyber defence and cybersecurity policies outlined in the European Commission’s European Defence Action Plan (PDF). In addition, the aims and objectives of the Joint Communication on a Cyber Security Strategy (PDF) have already set out measures to enhance the cyber resilience of IT systems, reduce cybercrime and strengthen EU international cybersecurity policy and cyber defence.
In 2017, RAND Europe was commissioned to provide an update to the study on an EU Cyber Defence Centre for Common Security & Defence Policy crisis management operations. The project focused specifically on Education, Training, Evaluation and Exercises in support of the European Defence Action Plan and wider EU cyber defence and cybersecurity programmes.
The European Defence Agency (EDA) asked RAND Europe and FRS to compile an inventory of cyber defence capabilities at the European level (in the context of EU-led missions) and of European Member States. The research gathered empirical evidence on a range of defence capabilities; analysed and charted the interdependencies between military capabilities and other organisations; and reviewed arrangements for cyber defence at the EU level.