Reports
In this section you can find ENISA’s Reports, which give you a structured overview of the work done by the Agency.
These documents aim to promote a better understanding of the work of our Experts in the field of NIS.
National Cyber Security Strategies
Date: May 08, 2012
The paper includes a short analysis of the current status of cyber security strategies within the European Union and elsewhere. It also identifies common themes and differences, and concludes with a series of observations and recommendations. The paper is based on the preliminary findings and analysis from an ENISA project that is working to develop a Good Practice Guide on how to develop,...
Recommendations for technical implementation of Art.4
Date: May 04, 2012
In 2011 ENISA has set up an Expert Group composed of representatives of the EU institutions, Art.29 Working Party, national DPAs and industry. This group helped in the development of the specific technical recommendations for the implementation of the Article 4 of the ePrivacy Directive, including a practical and usable definition of a data breach, and in particular its relation to the definition...
Publications of ENISA in the field of AR (DE)
Date: Apr 12, 2012
Die ENISA möchte Ihnen mit diesem kurzen Überblick ein nützliches und einfaches Hilfsmittel an die Hand geben, das Aufschluss über die wichtigsten Erkenntnisse der Agentur im Bereich der Sensibilisierung für Informationssicherheit seit der Aufnahme ihrer Tätigkeit im Jahr 2005 gibt. Der Überblick umfasst eine Liste der Publikationen der ENISA zum Thema Sensibilisierung und enthält...
Publications of ENISA in the field of AR – An overview
Date: Apr 12, 2012
ENISA hopes that this brief document will provide a valuable and simple tool to learn more about the main findings of the Agency in the field of information security awareness since the starting of its operational activities in 2005. The overview shows a list of the awareness raising publications produced by ENISA with a cross the top some useful information about the documents, including a brief...
Publications of ENISA in the field of AR – An overview (FR)
Date: Apr 12, 2012
L’ENISA espère que le présent document succinct servira d’outil simple et précieux pour en apprendre davantage sur les principales conclusions de l’Agence dans le domaine de la sensibilisation à la sécurité de l’information depuis qu’elle a commencé à être opérationnelle en 2005. Cet aperçu présente une liste des publications sur le thème de la sensibilisation produites par...
Procure Secure: A guide to monitoring of security service levels in cloud contracts
Date: Apr 02, 2012
A practical guide aimed at the procurement and governance of cloud services. This guide provides advice on questions to ask about the monitoring of security. The goal is to improve public sector customer understanding of the security of cloud services and the potential indicators and methods which can be used to provide appropriate transparency during service delivery. One-off or periodic...
Study on monetising privacy. An economic model for pricing personal information
Date: Feb 28, 2012
Do some individuals value their privacy enough to pay a mark-up to an online service provider who protects their information better? How is this related to personalisation of services? This study analyses the monetisation of privacy. ‘Monetising privacy’ refers to a consumer’s decision of disclosure or non-disclosure of personal data in relation to a purchase transaction. The main goal of...
Cooperation between CERTs and Law Enforcement Agencies in the fight against cybercrime - A first collection of practices
Date: Feb 28, 2012
The essential aim of this report is to improve the capability of CERTs, with a focus on the national/governmental CERTs (n/g CERTs), to address the network and information security (NIS) aspects of cybercrime. It focuses particularly on supporting n/g CERTs and their hosting organisations in the European Union (EU) Member States in their collaboration with the LEAs. It also intends to be a first...
Study on data collection and storage in the EU
Date: Feb 23, 2012
Given the clear contrast between the importance of the privacy by design principle on the one hand, and the reality of lax data protection practices with many online service providers on the other hand, the aim of this study is to present an analysis of the relevant legal framework of European Member States on the principles of minimal disclosure and the minimum duration of the storage of...
Ontology and taxonomies of resilience
Date: Dec 21, 2011
Existing standards in the field have so far only addressed resilience indirectly and thus without detailed definition of the taxonomy and thus of the semantics of security. The primary purpose of an ontology and taxonomies defined in this context is to use them as the basis of definitions and processes in the future work. A taxonomy is most often defined as a classification of terms and has close...
