Cyber Europe 2026: All eyes on the EU’s collective response and resilience

(Oleksandr Hladchenko / Unsplash)

By ENISA • Jun 12, 2026

Powered by the EU Agency for Cybersecurity, the 8th edition of the Cyber Europe exercise took place on June 10-11, with the goal of enhancing cyber preparedness and ensuring continuity of essential services while protecting European rail and maritime networks.

The two-day exercise simulated realistic large-scale cybersecurity incidents that escalated to cyber crises affecting EU’s interconnected transportation systems. Participants needed to analyse advanced technical cybersecurity incidents, while dealing with the pressure generated by complex scenarios, inspired by real-case events and threats. Central to their efforts was the effective sharing of relevant information with the right stakeholders and peers, contributing to an adequate level of situational awareness at technical, operational and political level. To bring this year’s edition to life, ENISA collaborated with over 100 leading cybersecurity experts from national cybersecurity agencies, EU and EFTA’s public and private sectors, as well as from EU Entities, bringing together over 5000 participants.

The transport sector holds a vital socioeconomic role amidst the current geopolitical situation. According to ENISA Threat Landscape findings, transport has been in the top-five most target sectors for the past two years. Both the rail and maritime subsectors are inherently complex environments composed of many different stakeholders. They exhibit comparable levels of digitalization and share a common challenge: integrating legacy Operational Technology (OT) with modern systems without compromising strict safety and reliability standards. Their dependence on supply chains and third-party providers contributes to their overall exposure to cyber threats, while their increasing role in military logistics raises their strategic importance and potential attractiveness as targets. The ENISA NIS360 report revealed that both sectors are in the risk zone, with lower-than-average cybersecurity maturity and criticality that exceeds their maturity.