ENISA's Critical Information Infrastructure Protection (CIIP) and Resilience Unit is responsible for assisting competent national EU agencies, private sector and the EU Commission to develop sound and implementable preparedness, response and recovery strategies, policies and measures that meet the emerging threats to critical information infrastructures.
- assisting EU States and the EU Commission to better understand the emerging CIIP landscape and issuing important recommendations to influence the policy process in areas like Smart Grids, ICS-SCADA, interconnected networks, cloud computing, botnets, mutual aid agreements;
- developing good practices in areas like national contingency plans, cyber security strategies, minimum security measures for ISPs, national cyber exercises, trusted information sharing, and others;
- organising complex, multi-national and multi-stakeholder cyber exercises (e.g., Cyber Europe 2010, Cyber Atlantic 2011, Cyber Europe 2012);
- offering training and seminars to EU States on areas of its competence like national exercises, contingency plans, incident reporting;
- assisting National Telecom Regulatory Authorities in implementing a harmonised concept on mandatory incident reporting;
- co-managing with the EU Commission the Pan European Public Private Partnership for Resilience (EP3R) and facilitating the dialogue among the public and private stakeholders on emerging CIIP issues; and
- contributing to EU Commission's policy and strategic initiatives (e.g., Internet Security Strategy) and verifying that its recommendations are properly addressed by all concerned stakeholders.