![Cyber Flag]()
Multilateral exercises such as Cyber Flag 25-2 strengthen international cooperation in defensive cyber operations.
Photo: Försvarsmakten
Cyber Flag is organized by US Cyber Command (USCYBERCOM) and is the largest recurring cyber defense exercise, with more than 20 participating countries. The exercise focuses on defensive cyber operations and is designed to strengthen partnerships and improve participating nations’ ability to detect, manage, and defend against cyber threats.
During the exercise, teams work in a simulated environment created within the Persistent Cyber Training Environment (PCTE). The environment reflects real-world threats such as supply chain compromises, ransomware, and zero-day attacks. The focus is on detecting, isolating, and removing adversary presence in networks. In addition, USCYBERCOM’s Cyber Protection Teams act as adversaries to test each team’s defensive capabilities.
The Swedish-Finnish team gained increased practical experience in jointly handling complex incidents under pressure. An important lesson from Cyber Flag 25-2 is the importance of coordinated training at all levels – from the technical identification of threats to overarching decision-making and communication.
“Through Cyber Flag, we enhance Sweden’s capabilities and deepen our cooperation with Finland – the exercise enables us to develop methods and procedures for jointly handling targeted antagonistic cyberattacks” said Colonel Thomas Höglund, head of the Swedish Cyber Command.
Multilateral exercises such as Cyber Flag 25-2 strengthen international cooperation in defensive cyber operations and create the conditions to jointly handle cyberattacks. International cooperation is essential to counter today’s advanced threats in the cyber domain, as well as to protect and defend Swedish interests.