The Digital Security Authority (DSA), designated under the NIS2 Directive as the National Cybersecurity Crisis Management Authority of the Republic of Cyprus, in close cooperation with the European Union Agency for Cybersecurity (ENISA) and its implementation partners, successfully concluded a three-day onsite workshop (9–11 Δεκεμβρίου 2025), to launch the development of Cyprus’ National Cyber Crisis Management Plan.
This initiative is undertaken in direct fulfilment of Article 9 of the NIS2 Directive, which legally obliges every EU Member State to establish a national framework for large-scale cybersecurity incident and crisis management. Article 9 mandates the creation of a comprehensive national plan that defines crisis governance structures, operational roles, response procedures, coordination mechanisms, and national capabilities to ensure an organised, timely, and effective response to major cyber incidents.
The workshop marks a critical first step toward meeting these EU requirements and strengthening Cyprus’ overall cyber resilience, while formally operationalising DSA’s national role in cybersecurity crisis management.
Objectives of the Three-Day Onsite Workshop
The onsite workshop, organized by DSA, marked a significant milestone in fulfilling these obligations. Its key objectives included:
- Reviewing the existing legal and policy framework of Cyprus’ national crisis management ecosystem.
- Mapping all relevant national stakeholders and authorities involved in cybersecurity crisis response.
- Validating procedures, communication channels, and escalation pathways required during national cyber incidents.
- Discussing the functional and governance structure of the future National Cyber Crisis Management Plan.
- Collecting the necessary inputs for drafting a national plan fully aligned with the requirements of NIS2 Article 9.
The workshop brought together representatives from critical sectors, ministries, and national authorities, ensuring a holistic and coordinated national approach to cyber crisis preparedness and response.
Cooperation Between DSA, ENISA, and National Stakeholders
This initiative reflects strong cooperation between:
- The Digital Security Authority (DSA),
- The European Union Agency for Cybersecurity (ENISA),
- ENISA’s designated private implementation partners,
- National ministries, regulatory bodies, security agencies, and operators of critical infrastructures.
Through this collaboration, Cyprus’ National Cyber Crisis Management Plan will be developed in full alignment with the national crisis management framework, while also being fully harmonised with European-level coordination mechanisms, including EU crisis response structures and cross-border cooperation processes.
Conclusion
The successful conclusion of this launch workshop, underpinned by strong cooperation between DSA, ENISA, and key national stakeholders, reaffirms Cyprus’ commitment to building a robust, coordinated, and EU-aligned cyber crisis management framework. By formally establishing governance, operational structures, and coordination mechanisms at both national and European levels, the Republic of Cyprus strengthens its preparedness and ability to respond effectively to large-scale cyber incidents, significantly enhancing national digital resilience in line with NIS2 requirements.
