21 - 22 February, 2024, Constanta
Tabletop Exercise
Organised By:
The Maritime Cybersecurity Centre Of Excellence
In Partnership With:
The Romanian National Cyber Security Directorate
Cybersecurity Incident Response Exercise - Port of Constanta
About The Event
In today’s digital age, cybersecurity has become a significant concern for governance and commerce. To tackle the growing challenges of the cyber world, policymakers and practitioners need to enhance their abilities in effective communication and foster a more robust problem-solving mutual approach. Collaborating on common platforms and conducting joint training, including tabletop exercises, can significantly boost cybersecurity measures across the Black Sea Region while strictly adhering to the principles of the EU Cybersecurity Strategy.
The Port of Constanta stands as a critical hub for waterborne freight and transportation in the region, making it an ideal location for hosting a cybersecurity incident response exercise that addresses both cybersecurity policy and technical concerns. By holding this exercise at the Maritime Cybersecurity Centre of Excellence, we aim to ensure that the digital infrastructure of major critical infrastructures, such as the Port of Constanta, complies with EU standards and enhances its ability to withstand cyber threats.
The Port of Constanta stands as a critical hub for waterborne freight and transportation in the region, making it an ideal location for hosting a cybersecurity incident response exercise that addresses both cybersecurity policy and technical concerns. By holding this exercise at the Maritime Cybersecurity Centre of Excellence, we aim to ensure that the digital infrastructure of major critical infrastructures, such as the Port of Constanta, complies with EU standards and enhances its ability to withstand cyber threats.
In this context, the comprehensive aim of the “Cybersecurity Incident Response Exercise: Port of Constanta” is ideally in line with the EU Cybersecurity Strategy, which supports the creation of a resilient, secure, and trusted digital environment. It also echoes the strategy’s commitment to capacity-building and fostering knowledge, skills, and expertise for effective cyber threat response and recovery.
The exercise also approaches the Directive on measures for a high common level of cybersecurity across the Union (NIS 2 Directive) as the cornerstone of European cybersecurity legislation, offering legal provisions designed to strengthen cybersecurity across the EU. Hence, it aims to support The European Programme for Critical Infrastructure Protection’s (EPCIP) objective of improving the protection of critical infrastructure in Europe by simulating the response to a disruption caused by a cyber-attack.
Through this TTX, the participants will also get an opportunity to understand and apply the EU Cyber Diplomacy Toolbox principles, which seek to prevent, deter and respond to malicious cyber activities directed against the EU or its member states under the Framework for a Joint EU Diplomatic Response to Malicious Cyber Activities.
Participants will assume various roles as representatives from Romanian authorities and agencies, collaborating with counterparts from other member states, institutions, and the cybersecurity industry, including specialists from the Black Sea Region’s maritime sector. This collaboration aims to enhance the mechanisms and capabilities for working across different domains. Their collective expertise is critical in ensuring that the exercise scenarios, while fictional, provide a realistic representation of the daily threats and challenges in cybersecurity. With their direct experience in managing cyber threats, these professionals will introduce a practical aspect to the exercise, effectively linking theoretical concepts to their application in the real world.
Moreover, the involvement of experts from the cybersecurity industry and the maritime sector of the Black Sea Region will enrich the exercise. Their unique insights will deepen participants’ understanding of how different sectors are interconnected and highlight the significance of collaboration between the public and private sectors in addressing cybersecurity incidents.
With a solid understanding of local infrastructure and the community, local authorities’ representatives will also play a key role in this exercise. Their knowledge will ensure that the exercise considers the unique features of the local landscape, which is essential for any effective incident response plan.
The wide-ranging expertise of these participants, spanning various sectors and areas of specialisation, will add depth and breadth to the exercise, enriching the learning experience for all participants. It also reinforces the underlying message of the exercise: that effective cybersecurity incident response is a collaborative effort that requires the involvement of various stakeholders across multiple domains. Therefore, this exercise is an important initiative to improve readiness, enhance capabilities, and ensure effective and swift response in the event of cyber-attacks in the Black Sea region.
Event Schedule
Day 1
21 February 2024
09:00 - 09:15
Opening Remarks
09:15 - 10:00
The EU and National Cybersecurity Frameworks
10:00 - 10:30
Introduction and Scenario Overview
10:30 - 10:45
Assessment of Teams Formation and Role Responsibilities
10:45 - 13:00 Morning Session
Module 1
13:00 - 14:00
Lunch
14:00 - 15:30 Afternoon Session
Module 2
15:30 - 15:45
Coffee Break
15:45 - 17:15 Evening Session
Module 3
17:15 - 17:45
Day 1 Conclusions
Day 2
22 February 2024
09:00–10:45
Module 4
10:45 - 11:00
Coffee Break
11:00 - 12:45
Module 5
12:45 - 13:30
Final Conclusions
13:30 - 14:30
Lunch
What Our Participants Say About The Event
Thank you for a very interesting exercise and for a great experience hosting us in Constanta. It was a pleasure to be there, and I’m looking forward to the next TTX.
Cristian Mihai Vidu
IT Security Consultant
The successful execution of this exercise underscores the critical necessity for seamless collaboration across the public and private sectors, aiming to protect our essential maritime infrastructure and not only.
Alexandru Anghelus
Cyber Security Consultant
This TTX provided an excellent opportunity to test our response capabilities to a major cybersecurity incident and gave us insights into areas where we can improve collaboration and coordination among different institutions
Laurentiu Pricop
Head of IT, Romanian Naval Authority
The exercise was exceptionally well organised and executed. I thoroughly enjoyed participating and found it to be a highly valuable learning experience. I look forward to contributing to future events and collaborating further.
Dimitar Dimitrov
Naval Academy Bulgaria
Great Event, Outstanding Participants, Resourceful Players ! Relevant Event, both Local & National, and also International – another step further in contributing – via Constantza-Romania – to Creating & Strengthening The Euro-Atlantic Culture of Security and Resilience !
Alexandru Zarnescu
Esq-LLM
Great Experience. Good pace and cohesion. Many lessons learned, partnerships to create, cooperation to strengthen and SOPs to update.
Applause and congrats to the MARITIME CYBERSECURITY CENTRE OF EXCELLENCE.
Horatiu Garban
ROU MOD
Venue
Constanta Maritime University
MARCYSCOE is based at the Maritime University of Constanta, a Romanian public university that provides bachelor and master programs for the maritime industry.