A Blueprint for Collaborative Cybersecurity Operations Centres with Capacity for Shared Situational Awareness, Coordinated Response, and Joint Preparedness

With digital technologies now being part of the fabric of our societies, identifying and managing cybersecurity threats becomes imperative. Within the European Union, several initiatives are underway, aiming to motivate, regulate and eventually orchestrate the establishment of capacity and enhancement of situational awareness, incident response, and preparedness capabilities, with an expected emphasis on operators of essential services and state actors entrusted with cybersecurity. In this context, the institution of cooperation and information exchange channels to allow for coordinated cross-border responses to large-scale incidents is particularly prioritized. Motivated by the above, this work presents a conceptual blueprint in support of architecting and establishing interoperable Cyber Security Operations Centres that combine capacity for situational awareness, incident response, and preparedness, also benefiting from the interplay between them, ultimately enhancing national cybersecurity capabilities, cross-border collaboration, and national supervision of their critical sectors, in line with current and upcoming regulatory requirements and the ever-increasing need for national and international cooperation.