The annual NIS Investments report presents the findings of a study conducted by ENISA to explore how cybersecurity policy translates in practice across organisations in the EU and its effects on their investments, resources, and operations.
…
Through a more threat-centric approach and further contextual analysis, this latest edition of the ENISA Threat Landscape analyses 4875 incidents over a period spanning from 1 July 2024 to 30 June 2025. At its core, this report provides an…
This report provides technical guidance to support the implementation of the NIS2 Directive for several types of entities in the NIS2 digital infrastructure, ICT service management and digital providers sectors. The cybersecurity requirements for…
The study aims at identifying the key security challenges that the companies are facing when implementing Big Data solutions, from infrastructures to analytics applications, and how those are mitigated. The analysis focuses on the use of Big Data…
This is an informative note on what provisions of the upcoming NIS Directive might mean for CSIRTs. It contains references to parts of the Directive, and some comments and proposals from our side. By no means we consider this document fix or…
The aim of this document is to provide an overview of good practices as regards security measures that are deployed by electronic communication providers in Europe
This study focuses on the evaluation of the interdependencies and communications between all the assets that make up the new power grids, their architectures and connections in order to determine their importance, threats, risks, mitigation…
This report (ETL 2015), is the result of an analysis of cyber-threats that have been encountered in the last 12 months, that is, approximately between December 2014 and December 2015. ETL 2015 is the fourth in a series of reports issued yearly by…
This Threat Landscape and Good Practice Guide for Big Data provides an overview of the current state of security in the Big Data area. In particular, it identifies Big Data assets, analyses exposure of these assets to threats, lists threat agents…
This study reviews threats and potential compromises related to the security of SDN/5G networks. More specifically, this report has identified related network assets and the security threats, challenges and risks arising for these assets. Driven…
This Report on Information Sharing and Common Taxonomies between CSIRTs and Law Enforcement Agencies (LEAs) was produced at the initiative of ENISA with the objective to enhance cooperation both between the Member States (MS) of the EU and…
This study takes stock of and analyses the different approaches the EU Member States take to protect their critical information infrastructures by presenting key findings, the different CIIP governance structures and by emphasizing on good…
Vulnerabilities are ‘flaws’ or ‘mistakes’ in computer-based systems that may be exploited to compromise the network and information security of affected systems. They provide a point-of-entry or gateway to exploit a system and as such pose…
Stay updated with ENISA! Sign up for email alerts on publications, events, vacancies, and more.
