The Digital Security Authority, in cooperation with ENISA, successfully organised the 2nd workshop for the development of the National Cyber Crisis Management Plan of the Republic of Cyprus, which took place on 26 and 27 February 2026 at the Authority’s premises in Nicosia.
The workshop forms part of the obligations arising from the NIS 2 Directive, and specifically Article 9, which requires each Member State to establish and adopt a national plan for the management of significant cybersecurity incidents and cyber crises. The Digital Security Authority, acting as the National Cyber Crisis Management Authority, has the coordinating role for the development and implementation of the Plan, in accordance with the national legislative framework on the security of network and information systems.
The two-day program brought together representatives from competent public authorities and operators of critical infrastructure, with the aim of further refining, updating, and finalising a comprehensive and realistic National Plan.
Thursday, 26 February – Stakeholder Training
The first day focused on training participating stakeholders on escalation procedures, response management, as well as communication and reporting processes. Through interactive presentations and discussions, roles and responsibilities were examined, along with coordination mechanisms and interoperability at both national and European levels.
Friday, 27 February – Table-Top Exercise
The second day included a table-top exercise during which participants were invited to manage a simulated cyber crisis scenario. The exercise constituted a key step in validating the Plan’s procedures, identifying potential gaps, and enhancing decision-making and communication mechanisms.
The active engagement of all participating entities and the exchange of expertise reaffirmed the collective commitment to strengthening national cyber resilience. The development and adoption of the National Cyber Crisis Management Plan represent a fundamental step towards ensuring effective coordination during times of crisis and safeguarding the country’s critical services.
The Digital Security Authority will continue, in close cooperation with all relevant stakeholders and ENISA, the work towards the completion and formal adoption of the Plan, further enhancing the Republic of Cyprus’ preparedness and response framework against cyber threats.
