Cybersecurity roles and skills for NIS2 Essential and Important Entities

Back to all publications

Cover page of an ENISA report titled 'Cybersecurity Roles and Skills for NIS2 Essential and Important Entities', featuring a person typing on a laptop with floating digital icons representing cybersecurity roles. The report is dated June 2025 and maps NIS2 obligations to the ECSF.

Download

Publication date:June 26, 2025

 ENISA in line with articles 6 and 10 of the Cybersecurity Act , prepared this guidance document on the skills and roles for the cybersecurity professionals needed to meet these legal requirements effectively. The guidance is based on the European Cybersecurity Skills Framework (ECSF) , the EU’s reference framework for defining and assessing cybersecurity skills for professionals as mentioned in the Communication on the Cybersecurity Skills Academy.

Publication details

Related content

Cover of the publication titled “NIS 2 Implementation Guidance,” featuring hand icons related to cybersecurity and the NIS 2 logo in the centre, with “June 2025” noted at the bottom.

NIS2 Technical Implementation Guidance

This report provides technical guidance to support the implementation of the NIS2 Directive for several types of entities in the NIS2 digital infrastructure, ICT service management and digital providers sectors.

Publication cover for Handbook for Cyber Stress Tests - Skyline image with different metrics visual

Handbook for Cyber Stress Tests

ENISA developed this handbook as guidance for national or sectorial authorities overseeing cybersecurity and resilience of critical sectors, at the national level, regional or EU level under NIS 2 Directi

Cyber Europe After Action report - Power plant background representing energy

Cyber Europe 2024 - After Action Report

The after action report provides an overview of the 2024 edition of the Cyber Europe exercise which was conducted in June and aimed at identifying gaps and increasing cybersecurity preparedeness and resilience. 

Cybersecurity_Education_Maturity_Assessment.png

Cybersecurity Education Maturity Assessment

This ENISA study aims to develop a maturity assessment model to evaluate each MS's cybersecurity education level in primary and secondary schools and to provide a comprehensive overview of the EU.

BROWSE ALL PUBLICATIONS

7th eHealth Security Conference

2022 Oct 10

4th ERA-ENISA Conference on Cybersecurity in Railways

2024 Oct 2

9th ENISA eHealth Security Conference

2024 Nov 6

7th E.DSO/EE-ISAC/ENCS/ENISA Cybersecurity Forum

2024 Oct 1

BROWSE ALL EVENTS

Supporting NIS2 implementation through actionable guidance

Press Release

The EU Agency for Cybersecurity (ENISA) publishes a technical guideline for the security measures of the NIS2 Implementing Regulation to assist digital infrastructures and managed service providers.

Putting EU resilience to the test: ENISA handbook on cyber stress testing

News Item

The Handbook for Cyber Stress Testing aims to support national authorities in assessing the cybersecurity and resilience of critical sector entities.

From Cyber to Outer Space: A Guide to Securing Commercial Satellite Operations

Press Release

The European Union Agency for Cybersecurity (ENISA) explores the cybersecurity threat landscape of space to strengthen the resilience of commercial satellites.

Proposed ENISA role to safeguard cybersecurity of health sector

News Item

The EU Agency for Cybersecurity, ENISA welcomes the EU Action Plan for the cybersecurity of hospitals and healthcare providers proposed on 15 January.

BROWSE ALL NEWS