For years now, ENISA, the European National Information Security Agency, has been raising user awareness of cybersecurity issues, often making valuable experimental tools available. In February 2026, it made available “The ENISA Cybersecurity Exercise Methodology - End-to-end guide on how to plan, run and evaluate an exercise”, a document that offers valuable guidance on how IT security managers can set up exercises that allow them to hypothesize cyber attack scenarios and mitigate the related risks.
This methodology provides a comprehensive framework for planning, managing, and evaluating cybersecurity exercises.
The methodology ensures that all stakeholders are properly informed and assigns responsibilities to the various roles. This methodology is based on theoretical material, which has, however, been tested practically in numerous exercises, with extremely positive results.
The objectives of this document are as follows:
- provide guidance on how to organize and plan a cybersecurity exercise,
- evaluate the company's response capabilities in the face of cyber attacks,
- convince senior management of the importance of organizing cybersecurity exercises,
- assess the company's skills and capabilities in the face of cyber attacks, complying with applicable legal and regulatory requirements.
The document is divided into various parts, as follows:
- the start of the exercise planning,
- the design of the exercise,
- the preparation and definition of the scenario,
- the methods of implementing the planned exercise,
- the evaluation of what happened, at the end of the exercise.