This edition of the ENISA NIS360 report is the third to assess the cybersecurity maturity and criticality of all sectors of high criticality as identified under Annex I of the NIS2 directive. The assessment covers the entire ecosystem of a sector…
This edition of the ENISA NIS360 report is the third to assess the cybersecurity maturity and criticality of all sectors of high criticality as identified under Annex I of the NIS2 directive. The assessment covers the entire ecosystem of a sector…
The annual NIS Investments report presents the findings of a study conducted by ENISA to explore how cybersecurity policy translates in practice across organisations in the EU and its effects on their investments, resources, and operations.
…
This report provides technical guidance to support the implementation of the NIS2 Directive for several types of entities in the NIS2 digital infrastructure, ICT service management and digital providers sectors. The cybersecurity requirements for…
This report provides an overview of the activities organised and presents a synthesis of the findings based on evaluation and performance information gathered via two questionnaires, a social media monitoring report, and media and social…
This report analyses the efforts provided by ENISA and national partners during the 2020 to support the growing of the European Cyber Security Challenge. The 7th Edition of the European Cyber Security Challenge, ECSC2020 planned initially for the…
This report aimed to identify the key factors enabling the success of a national cybersecurity competition and to give a snapshot of the current situation in the EU and ECSC partner countries. To do that, we conducted a dozen of interviews with…
This study proposes a set of initial methodological steps to work towards a market analysis on cybersecurity certification of ICT products, ICT services and ICT processes. The performance of a market analysis on cybersecurity certification aims…
This document describes the formats and procedures for cross border reporting and annual summary reporting under Article 40 of the EECC. Paragraph 2 of Article 40 describes three types of incident reporting: 1) National incident reporting from…
This ENISA situation report provides an assessment as well as advice and mitigation measures for the MS Exchange vulnerabilities. The threat for the new updates has been assessed as severe and ENISA considers attacks probable and of high risk.…
This report provides an overview of the most common methods for identity proofing with some examples received by stakeholders, presents the current legal / regulatory landscape and supporting standards at the international and EU level and…
This document provides an overview of the conformity assessment framework for QTSPs as set out in the eIDAS Regulation, i.e. aiming to confirm that the assessed QTSP/QTS fulfils its requirements. This report discusses the typical process flow and…
This document provides recommendations to help qualified trust service providers and auditors understand the expected mapping between these requirements/obligations and reference numbers of standards, as well as practical recommendations for…
This document proposes a security framework to achieve compliance with Article 19 of the eIDAS Regulation, to which both non-QTSP and QTSP are subject. Nevertheless, Article 19.1 states that the security measures “shall ensure that the level of…
Pagination
Stay updated with ENISA! Sign up for email alerts on publications, events, vacancies, and more.