The annual NIS Investments report presents the findings of a study conducted by ENISA to explore how cybersecurity policy translates in practice across organisations in the EU and its effects on their investments, resources, and operations.
…
Through a more threat-centric approach and further contextual analysis, this latest edition of the ENISA Threat Landscape analyses 4875 incidents over a period spanning from 1 July 2024 to 30 June 2025. At its core, this report provides an…
This report provides technical guidance to support the implementation of the NIS2 Directive for several types of entities in the NIS2 digital infrastructure, ICT service management and digital providers sectors. The cybersecurity requirements for…
The threat from Flamer illustrates important weaknesses in our cyber defences
The paper includes a short analysis of the current status of cyber security strategies within the European Union and elsewhere. It also identifies common themes and differences, and concludes with a series of observations and recommendations.…
In 2011 ENISA has set up an Expert Group composed of representatives of the EU institutions, Art.29 Working Party, national DPAs and industry. This group helped in the development of the specific technical recommendations for the implementation…
A practical guide aimed at the procurement and governance of cloud services. This guide provides advice on questions to ask about the monitoring of security. The goal is to improve public sector customer understanding of the security of cloud…
Do some individuals value their privacy enough to pay a mark-up to an online service provider who protects their information better? How is this related to personalisation of services?
This study analyses the monetisation of privacy. ‘…
Given the clear contrast between the importance of the privacy by design principle on the one hand, and the reality of lax data protection practices with many online service providers on the other hand, the aim of this study is to present an…
ENISA's report on Network Information Security (NIS) in Education comes at a time when education and ITC are interrelated and interconnected more than ever. The challenge for the digitally active citizen is to stay informed of the news coming…
In 2011 ENISA performed the review of its studies on resilient technologies from 2008-2010, complementing the findings of the previous years and investigating the deployment status of technologies enhancing resilience. Initial review of supply…
The main objective of the project “Secure Communications with the CERTs and other Stakeholders”, which is one of the ENISA activities related to reinforcing communications between CERTs in the Member States, is the preparation work for a report…
Existing standards in the field have so far only addressed resilience indirectly and thus without detailed definition of the taxonomy and thus of the semantics of security. The primary purpose of an ontology and taxonomies defined in this context…
Stay updated with ENISA! Sign up for email alerts on publications, events, vacancies, and more.
