Guidelines - Cyber Risk Management for Ports

Back to all publications

Download

Publication date:December 17, 2020

This report aims to provide port operators with good practices for cyber risk assessment that they can adapt to whatever risk assessment methodology they follow. In order to achieve this, this report introduces a four-phase approach to cyber risk management for port operators, which follows common risk management principles and is mapped to the steps of the risk assessment methodology that is laid out in the ISPS Code and relevant EU legislation for Port and Port Facility Security. For each of these phases, this report provides actionable guidelines to assist port operators in their efforts, lists common challenges associated with the performance of the relevant activities, good practices that can be readily adopted and customised by individual organisations and a mapping of the listed good practices for each phase with the respective challenges they address.

Search related content with: Cybersecurity NIS Directive National NIS Strategies Maritime

Publication details

Related content

Cyber hygiene in the health sector illustration with medical staff, hospital, and cybersecurity icons, by ENISA

Cyber Hygiene in the Health Sector

This booklet, developed by ENISA, provides clear and targeted guidance with practical steps that health entities can take to:
-  Safeguard sensitive data
- Minimise exposure to common cyber threats-

Cover page of an ENISA report titled 'Cybersecurity Roles and Skills for NIS2 Essential and Important Entities', featuring a person typing on a laptop with floating digital icons representing cybersecurity roles. The report is dated June 2025 and maps NIS2 obligations to the ECSF.

Cybersecurity roles and skills for NIS2 Essential and Important Entities

 ENISA in line with articles 6 and 10 of the Cybersecurity Act , prepared this guidance document on the skills and roles for the cybersecurity professionals needed to meet these legal requirements effectively.

Cover of the publication titled “NIS 2 Implementation Guidance,” featuring hand icons related to cybersecurity and the NIS 2 logo in the centre, with “June 2025” noted at the bottom.

NIS2 Technical Implementation Guidance

This report provides technical guidance to support the implementation of the NIS2 Directive for several types of entities in the NIS2 digital infrastructure, ICT service management and digital providers sectors.

Publication cover for Handbook for Cyber Stress Tests - Skyline image with different metrics visual

Handbook for Cyber Stress Tests

ENISA developed this handbook as guidance for national or sectorial authorities overseeing cybersecurity and resilience of critical sectors, at the national level, regional or EU level under NIS 2 Directi

BROWSE ALL PUBLICATIONS

ENISA Telecom and Digital Infrastructure Security Forum 2025

2025 Mar 20

ENISA Telecom Security Forum 2022

2022 Jun 29

8th E.DSO/EE-ISAC/ENCS/ENISA Cybersecurity Forum

2025 Oct 30

7th E.DSO/EE-ISAC/ENCS/ENISA Cybersecurity Forum

2024 Oct 1

BROWSE ALL EVENTS

eHealth security in the spotlight: A good practice guide for a robust and resilient EU health sector

News Item

Unveiled on the sidelines of the 10th edition of the eHealth Security conference, the European Union Agency for Cybersecurity (ENISA) publishes a good practice guide to support entities of the health sector in strengthening their digital security.

Supporting NIS2 implementation through actionable guidance

Press Release

The EU Agency for Cybersecurity (ENISA) publishes a technical guideline for the security measures of the NIS2 Implementing Regulation to assist digital infrastructures and managed service providers.

Putting EU resilience to the test: ENISA handbook on cyber stress testing

News Item

The Handbook for Cyber Stress Testing aims to support national authorities in assessing the cybersecurity and resilience of critical sector entities.

From Cyber to Outer Space: A Guide to Securing Commercial Satellite Operations

Press Release

The European Union Agency for Cybersecurity (ENISA) explores the cybersecurity threat landscape of space to strengthen the resilience of commercial satellites.

BROWSE ALL NEWS