The annual NIS Investments report presents the findings of a study conducted by ENISA to explore how cybersecurity policy translates in practice across organisations in the EU and its effects on their investments, resources, and operations.
…
Through a more threat-centric approach and further contextual analysis, this latest edition of the ENISA Threat Landscape analyses 4875 incidents over a period spanning from 1 July 2024 to 30 June 2025. At its core, this report provides an…
This report provides technical guidance to support the implementation of the NIS2 Directive for several types of entities in the NIS2 digital infrastructure, ICT service management and digital providers sectors. The cybersecurity requirements for…
The methodology offers an end-to-end theoretical framework for planning, running and evaluating cybersecurity exercises. It ensures the right profiles and stakeholders are involved at the right time. It provides theoretical material based on…
ENISA in line with articles 6 and 10 of the Cybersecurity Act , prepared this guidance document on the skills and roles for the cybersecurity professionals needed to meet these legal requirements effectively. The guidance is based on the…
The after action report provides an overview of the 2024 edition of the Cyber Europe exercise which was conducted in June and aimed at identifying gaps and increasing cybersecurity preparedeness and resilience.
This ENISA study aims to develop a maturity assessment model to evaluate each MS's cybersecurity education level in primary and secondary schools and to provide a comprehensive overview of the EU. Additionally, ENISA seeks to collect and share…
Today, the internet is a tool used in many educational activities, which increases the amount of
time children are exposed to cyberspace and its risks. Informing young users about the
importance of maintaining personal privacy is not…
Findings from a PAN-EUROPEAN
cyber crisis Exercise
The ECSF User Manual provides a comprehensive overview of the ECSF’s main scope, framework principles and application opportunities. The primary purpose of the manual is to make the ECSF easily accessible by, understandable for, and usable by all…
The ECSF role profiles document lists the 12 typical cybersecurity professional role profiles along with their identified titles, missions, tasks, skills, knowledge, competences. The main purpose of this framework is to create a common…
This report aims to identify the skills, exercises and training needed to ensure that the information exchange among the European information sharing and analysis centres (ISACs) is effective and efficient.
In this report, ENISA contributes to both practice and research on the cybersecurity skills shortage and gap in two distinctive areas. Firstly, it provides an overview of the current supply of cybersecurity skills in Europe through an analysis of…
Stay updated with ENISA! Sign up for email alerts on publications, events, vacancies, and more.
