Publications

Featured publications

ENISA NIS360

This edition of the ENISA NIS360 report is the third to assess the cybersecurity maturity and criticality of all sectors of high criticality as identified under Annex I of the NIS2 directive. The assessment covers the entire ecosystem of a sector…

NIS Investments 2025

The annual NIS Investments report presents the findings of a study conducted by ENISA to explore how cybersecurity policy translates in practice across organisations in the EU and its effects on their investments, resources, and operations.

NIS2 Technical Implementation Guidance

This report provides technical guidance to support the implementation of the NIS2 Directive for several types of entities in the NIS2 digital infrastructure, ICT service management and digital providers sectors. The cybersecurity requirements for…

All publications

Publish Date

Considerations on ICT security certification in EU - Survey Report

Over the last years, ENISA has engaged in a number of activities in pursuit of supporting the Commission and the Member States in identifying a way forward on the certification of ICT security products and services, which on the one hand seeks to…

Cyber Europe 2016: After Action Report

Cyber Europe 2016 was the fourth pan-European cyber crisis exercise organised by
the European Union Agency for Network and Information Security (ENISA). Over 1 000
participants working mostly in the ICT sector, from public and private…

Security guidelines on the appropriate use of qualified electronic registered delivery services

This document addresses qualified electronic registered delivery services and is one out of a series of five documents which aim to assist parties wishing to use qualified electronic signatures, seals, time stamps, eDelivery or website…

Security guidelines on the appropriate use of qualified electronic seals

This document addresses qualified electronic seals and is one out of a series of five documents which target to assist parties aiming to use qualified electronic signatures, seals, time stamps, eDelivery and website authentication certificates to…

Security guidelines on the appropriate use of qualified electronic signatures

This document addresses qualified electronic signatures and is one out of a series of five documents which target to assist parties aiming to use qualified electronic signatures, seals, time stamps, eDelivery or website authentication…

Security guidelines on the appropriate use of qualified electronic time stamps

This document addresses qualified electronic time stamps and is one out of a series of five documents which target to assist parties aiming to use qualified electronic signatures, seals, time stamps, eDelivery or website authentication…

Security guidelines on the appropriate use of qualified website authentication certificates

This document addresses qualified certificates for website authentication and is one out of a series of five documents which aim to assist parties wishing to use qualified electronic signatures, seals, time stamps, eDelivery or website…

Annual Incident Reports 2016

For the sixth year, ENISA publishes the annual report about significant outage incidents in the European electronic communications sector, which are reported to ENISA and the European Commission under Article 13a of the Framework Directive (2009/…

Recommendations on aligning research programme with policy

The scope of this report is to review existing analysis reports on EU funded Trust and Security Projects, summarize achievements that have significantly promoted specific pillars of NIS, identify and summarize specific outcomes that can promote…

Gaps in NIS standardisation - Recommendations for improving NIS in EU standardisation policy

This report recommends that the European Commission, with the support of the Member States, pursuant to the NIS Directive, adopt a standards based framework for the exchange of threat and defensive measure information that impacts the functioning…