OZON is a large-scale national cyber crisis exercise that takes place every two years. During the OZON exercise, you will practice how to react to a cyber crisis and find out whether you are already well prepared for a cyber crisis as an institution.
Whitepaper Cyber Crisis Exercise OZON
The need for cyber crisis exercises in the education and research sector was clearly evident from the national exercise in 2016. The results and recommendations from this exercise have been published in a whitepaper, intended to serve as a guide for (IT) policymakers and security specialists.
Cyber Crisis Exercise for Education and Research
The OZON Cyber Crisis Exercise whitepaper describes how best to set up a cyber crisis exercise in the education and research sector, and sets out the importance of such an exercise for organisations. It also explains in detail how the OZON Cyber Crisis Exercise was organised, and gives results and recommendations. This whitepaper is intended for (IT) policymakers and security specialists in education and research who wish to set up their own cyber crisis exercise.
Evaluation
The OZON Cyber Crisis Exercise brought the threat of a cyber attack to life and put cyber risks on the agenda. It became clear that the increased awareness amongst all those who took part in the exercise was greatly appreciated. Institutions have launched follow-up initiatives to put cyber security more firmly on the agenda. At the same time, it was concluded that security awareness must also be raised amongst the many people who did not take part in the exercise.
Recommendations
One of the main recommendations is that cyber security must become an integral part of crisis management, and that clear agreements must be made around procedures, roles and tasks. It is also emphasised that the sharing of information between institutions and the use of existing connections should take place more. Consideration should also be given to who would be responsible for national coordination in the event of a cross-sector cyber threat. It is also recommended that cyber exercises should be organised more frequently in order to raise awareness and increase support and resilience.
