On 5 January 2018 the Government Council approved an update of the Emergency Response Plan to deal with attacks against information systems or the technical failure of information systems ('Cyber ERP').
The changes made to the version currently in force are the result of discussions by an inter-ministerial working group chaired by the High Commission for National Protection; they are based partly on the lessons learned from cybernetic incidents the Grand Duchy has been exposed to since 2014, and partly on feedback from participation in simulations and international exercises.
The changes include the following:
- clarification of the role and reinforcement of the crisis management missions of the Cybernetic Risk Evaluation Cell (Cellule d'Evaluation du Risque Cybernétique - CERC) as soon as a large-scale incident occurs;
- development of relations with the operators in the public and private sectors, and drawing up with them technical procedures ensuring the effective and speedy implementation of all the measures required in a crisis situation;
- integration of the Crisis Communication Service (Service de la Communication de Crise - SCC) which, in the event of an emergency situation or national crisis, is responsible for the horizontal coordination of the organisation of communication.