The annual NIS Investments report presents the findings of a study conducted by ENISA to explore how cybersecurity policy translates in practice across organisations in the EU and its effects on their investments, resources, and operations.
…
Through a more threat-centric approach and further contextual analysis, this latest edition of the ENISA Threat Landscape analyses 4875 incidents over a period spanning from 1 July 2024 to 30 June 2025. At its core, this report provides an…
This report provides technical guidance to support the implementation of the NIS2 Directive for several types of entities in the NIS2 digital infrastructure, ICT service management and digital providers sectors. The cybersecurity requirements for…
This document analyses the usage of this term by various stakeholders and reviews standardisation activities in the area of Cybersecurity, providing an overview of overlaps and gaps in available standards. It has been written by CSCG and ENISA…
This report on one hand analyses the eIDAS requirements with regard to the standards, on the other analyses currently available standards and compares the results of both analyses. Such a mapping is oriented at the requirements specified in the…
In response to the European Union’s Cybersecurity Strategy, the CSCG has published a White Paper with recommendations on digital security. The CSCG’s recommendations underline the importance of Cybersecurity standardisation to complete the…
The analysis conducted for this study, based on the interviews with subject matter experts and review of available studies, shows that, despite rising concerns on information security risks, the level of SMEs information security and privacy…
The use of cloud computing technologies is gaining increased popularity and quickly becoming the norm. At the same time, the cloud service providers (CSP) are not always able to keep up the pace with new technologies. This also affects forensic…
This report proposes six strategies and twelve recommended actions as an escalated approach that targets the most important aspects detected to be critical for (i) improving the website authentication market in Europe and (ii) successfully…
Despite a number of initiatives within the European Network and Information Security community to establish frameworks and standard operating procedures, the EU-level response to cyber incidents, and in particular these which lead to crisis…
This report aims at developing a methodology that allows to compare different Privacy Enhancing Tech-nologies (PETs) with regard to their maturity, i.e., their technology readiness and their quality concerning the provided privacy notion. The…
As several years have passed since the publication and implementation of the Framework Directive 2009/140 including Art. 13a, an impact evaluation of the new article was necessary. The evaluation has the purpose of assessing the changes in…
Measuring the impact of incidents has become one of the toughest challenges nowadays, given the multitude of factors/indicators that must be taken into consideration. To address this issue, indicators are used, accompanied by thresholds, to…
Stay updated with ENISA! Sign up for email alerts on publications, events, vacancies, and more.
