Luxembourg, 6 June 2025
EU Telecom ministers adopted today the EU Blueprint for cyber crisis management, which gives guidance for the EU’s response to large-scale cybersecurity incidents or cyber crises.
Today, we take a decisive step forward in strengthening Europe’s cybersecurity resilience. The EU Blueprint for cyber crisis management clarifies how member states can detect, respond to, recover and learn from large-scale cybersecurity incidents and cyber crises that could affect the whole EU. The EU Blueprint shows our clear commitment to a safer, more resilient and better prepared Europe – an important priority of the Polish Presidency.
Krzysztof Gawkowski, Deputy Prime Minister, Minister of Digital Affairs
The EU Cyber Blueprint is an important guideline for member states to enhance their preparedness, detection capabilities and response to cyber security incidents, while building on the foundations laid by the 2017 Cybersecurity Blueprint and taking on board important recently adopted legislation such as the NIS2 directive and the Cyber Solidarity Act.
The EU Cyber Blueprint aims to tackle an increasingly complex cyber threat landscape by strengthening existing EU networks, fostering cooperation between member states and actors involved, and overcoming hurdles that may exist.
Essentials of the EU Cyber Blueprint
The EU Cyber Blueprint highlights the importance of digital technology and global connectivity as the backbone of the EU’s economic growth and competitiveness. However, an increasingly interconnected and digital society also increases the risks of cybersecurity incidents and cyberattacks. Hybrid campaigns and cyberattacks can directly affect the EU’s security, economy and society.
While member states have the primary responsibility in managing cybersecurity incidents and cyber crises, large-scale incidents could cause such a level of disruption that it exceeds a member state’s capacity to respond, or they can have an impact on several member states.
As such an incident could evolve in a fully-fledged crisis, affecting the functioning of the EU’s internal market or posing serious public security and safety risks, cooperation at technical, operational and political level is essential for effective crisis management for this kind of incidents.
To identify concretely what large-scale incidents or a Union-level cyber crises are, the EU Cyber Blueprint provides a clear explanation when the crisis framework should be triggered and what the roles of the relevant Union level networks, its actors and mechanisms are (such as ENISA, the EU’s Agency for Cybersecurity or EU-CyCLONe, the European cyber crisis liaison organisation network). The text also points to the importance of coordination of public communication before, during and after crisis incidents.
The EU Cyber Blueprint highlights the importance of civilian-military cooperation in the context of cyber-crisis management, including with NATO, through enhanced information-sharing mechanisms where possible and when needed.
Finally, the EU Cyber Blueprint also contains chapters on recovery, while trying to enhance the exchange of lessons learned between member states.
Background
Since 2017, the threat landscape and the EU’s cybersecurity framework changed significantly with several instruments considering cybersecurity management, such as the NIS2 directive or the Cyber Solidarity Act. This required changing the 2017 Blueprint.
The discussions on the EU Cyber Blueprint were intensified during the Polish Presidency, including during the informal TTE Council on 4-5 March in Warsaw, which was entirely dedicated to the issue of cybersecurity.
- Cyber Blueprint – Draft Council Recommendation (Publication – European Commission – 24 February 2025)
- Commission launches new cybersecurity blueprint to enhance EU cyber crisis coordination (Press release – European Commission -24 February 2025)
- Cybersecurity (background information)
- Cyber defence (background information)
Source – EU Council: Visit the meeting page
EU Commission welcomes adoption: EU takes a step further in cybersecurity crisis management
On Friday, EU Member States adopted the Commission’s proposal on the EU blueprint for cybersecurity crisis management (‘Cyber Blueprint’) to reinforce our Union’s resilience against growing cyber threats
The ‘Cyber Blueprint’ defines roles and responsibilities, detailing the key actors and mechanisms involved at all stages of a crisis. It enhances information sharing and response coordination at political and technical levels throughout a crisis.
Henna Virkkunen, Executive Vice-President for Tech Sovereignty, Security and Democracy, said:
I welcome today’s adoption of the Cyber Blueprint. In crisis situations, there is no room for improvisation, especially in today’s rapidly evolving and uncertain geopolitical environment. It is a key component of our Union Preparedness Strategy. It serves as a practical tool for Member States and EU bodies to work together to prepare for and respond to a cyber crisis that could affect our critical infrastructure and public security.
The Cyber Blueprint builds on frameworks such as the Integrated Political Crisis Response and the EU Cyber Diplomacy Toolbox, while aligning with recent initiatives like the Critical Infrastructure Blueprint and the network code on cybersecurity for the EU electricity sector.