After the Draft Council Recommendation, published on 24 February 2025, the Cyber Blueprint is now adopted. It describes the key actors and mechanisms involved, explaining roles and responsibilities at every stage of a crisis. It involves information sharing and coordination of responses at all stages of a crisis, at the political and technical level.
The Cyber Blueprint should enable relevant Union-actors to understand how to interact and make the best use of available mechanisms across the full crisis management lifecycle. It aims to explain what a cyber crisis is and what triggers a cyber crisis mechanism at Union level. It explains the use of available mechanisms like the Cybersecurity Emergency Mechanism, including the EU Cybersecurity Reserve, in preparing how to manage, respond to and recover from a crisis arising from a large-scale cybersecurity incident. It furthermore aims to foster a more structured cooperation between civilian and military actors, including cooperation with North Atlantic Treaty Organisation (NATO), given that a large-scale cyber incident affecting Union civilian infrastructure on which the military rely may also activate NATO response mechanisms.
The Cyber Blueprint builds on the existing frameworks, such as the Integrated Political Crisis Response and the EU Cyber Diplomacy Toolbox, while aligning with recently adopted initiatives, such as the Critical Infrastructure Blueprint and the network code on cybersecurity for the EU electricity sector.