Your Perspective Matters: Join the NIS360 survey

Back to News

ENISA launches a survey for both national authorities and high criticality entities under NIS2 in preparation of the next edition of the NIS360 report. 

Following the publication of the NIS360 2026 report in May 2026, a new assessment cycle has now started with the launch of data collection and surveys for the NIS360 2027 edition.

For this assessment, data is collected via an online platform using two structured questionnaires designed to assess cybersecurity maturity by combining insights from the private sector with perspectives from national authorities. The NIS360 surveys are carefully designed to ensure that data collected each year remains comparable and reflects overall trends. All responses are analysed in aggregate form, ensuring confidentiality.

What’s new in the survey?

The survey for both authorities and entities has been simplified, is quick to complete and features a user-friendly interface. It also introduces new features that allow registered entities to receive a benchmarking report, compare themselves with their peers, and better understand where they stand.

Your responses are essential for ENISA’s assessment of sectoral cybersecurity maturity and criticality under NIS360.Share your feedback by taking part to the survey by 30 October 2026 via the following link: https://enisa.enablor.dk/auth/register/survey/eca2ce47cdd14826b095192fbdc15edc?lang=en

The survey will be used to prepare the new NIS360 report, which will be published in 2027.

For any further information regarding the survey, please contact NIS360@enisa.europa.eu

About the ENISA NIS360 report

The ENISA NIS360 aims to work as an annual assessment tool supporting national authorities, policymakers and other stakeholders in assessing the cybersecurity maturity and criticality of high criticality sectors under the NIS2 Directive.

Under the NIS360, a sector’s maturity is determined by: legislation and its effectiveness, companies and their preparedness, authorities and their institutional capacity, and sectoral ecosystem structures and their effectiveness.

The assessment relies on a structured methodology developed and continuously refined by ENISA that takes into account the structural and gradually evolving nature of sectoral cybersecurity maturity and criticality. It also builds on evidence gathered over time from organisations operating within the in-scope sectors, national authorities supervising those organisations, but also EU-level data, to reflect our latest evidence-informed understanding of where each sector stands. As a result, the NIS360 provides both a comparative overview of sectors and a more detailed analysis per sector to help identify gaps and prioritise resources.