The annual NIS Investments report presents the findings of a study conducted by ENISA to explore how cybersecurity policy translates in practice across organisations in the EU and its effects on their investments, resources, and operations.
…
Through a more threat-centric approach and further contextual analysis, this latest edition of the ENISA Threat Landscape analyses 4875 incidents over a period spanning from 1 July 2024 to 30 June 2025. At its core, this report provides an…
This report provides technical guidance to support the implementation of the NIS2 Directive for several types of entities in the NIS2 digital infrastructure, ICT service management and digital providers sectors. The cybersecurity requirements for…
ENISA has conducted a survey about the security mechanisms used by TSPs (Trust Service Providers) in Europe, and their interoperability, under the scope of the proposed new Regulation on electronic identification and trust services for electronic…
This document provides an overview of existing mechanisms supporting Computer Emergency Response Teams (CERTs) to deploy capabilities necessary for their operations and their maturity level. It introduces these mechanisms according to the CERT…
ENISA releases the 2013's ENISA Threat Landscape (ETL 2013). The ENISA Threat Landscape is a collection of top cyber-threats that have been assessed in the reporting period, ie. end 2012-end 2013.
ENISA has collected over 250 reports…
There is growing interest in ICS security testing in Europe. This has led to the current situation in which several initiatives have emerged. Unfortunately, they are mostly considered immature, with poor or no coordination between them and room…
Data retention legislation has been adopted to address concerns related to national security and serious criminal activity. The legislation provides access to communication data for law enforcement purposes. However, according to the Data…
EISAS – European Information Sharing and Alerting – has proven to be a great opportunity to enhance collaboration and foster awareness-raising actions across Europe. ENISA helped design EISAS, but now EISAS has to run by itself.
The…
The proposed NIS Directive mentions cloud computing explicitly. This is not surprising. Cloud infrastructures play an increasingly important role in the digital society. A large part of the EU’s Digital Agenda is the European cloud strategy which…
Much of Europe’s critical infrastructure which resides in sectors such as energy, transportation,water supply is largely managed and controlled by SCADA (Supervisory Control and Data Acquisition) systems, a subgroup of Industrial Control Systems…
This document builds upon the current practice of CSIRTs with responsibilities for ICS networks, and also on the earlier work of ENISA on a baseline capabilities scheme for national/ governmental (n/g) CSIRTs. The document is an initial attempt…
This Good Practice Collection was produced at the initiative of ENISA in the context of its support activities to ensure the efficient functioning of CSIRTs and their cooperation with Law Enforcement Agencies (LEAs) in the face of a new…
Stay updated with ENISA! Sign up for email alerts on publications, events, vacancies, and more.
