Image
This report provides technical guidance to support the implementation of the NIS2 Directive for several types of entities in the NIS2 digital infrastructure, ICT service management and digital providers sectors. The…
Featured publications
ENISA NIS360 2024
The NIS360 is a new ENISA product that assesses the maturity and criticality of sectors of high criticality under the NIS2 Directive, providing both a comparative overview and a more in-depth analysis of each sector. The NIS360 is designed to…
2024 Report on the State of the Cybersecurity in the Union
This document marks the first report on the state of cybersecurity in the Union, adopted by ENISA in cooperation with the NIS Cooperation Group and the European Commission, in accordance with Article 18 of the Directive (EU) 2022/2555 (…
All publications
Countering SIM-Swapping
In this study, we give an overview of how SIM-Swapping attacks work, list measures that providers can take to mitigate the attack and make recommendations for policy makers and authorities in the telecom sector and other sectors. Security of…
Addressing Skills Shortage and Gap Through Higher Education
In this report, ENISA contributes to both practice and research on the cybersecurity skills shortage and gap in two distinctive areas. Firstly, it provides an overview of the current supply of cybersecurity skills in Europe through an analysis of…
CTF Events
This report addresses the contemporary use of capture-the-flag (CTF) competitions around the world. It first provides background on such competitions, their structure and variations. Analyses of recent competitions is then conducted, comprising an…
Post-Quantum Cryptography: Current state and quantum mitigation
This study provides an overview of the current state of affairs on the standardization process of Post-Quantum Cryptography (PQC). It presents the 5 main families of PQ algorithms; viz. code-based, isogeny-based, hash-based, lattice-based and…
Cybersecurity Research Directions for the EU’s Digital Strategic Autonomy
The focus of this work is to identify the necessary research priorities to support the EU’s digital strategic autonomy and thus digital sovereignty. In this introductory chapter, we (i) analyse how the terms ‘digital strategic autonomy’ and ‘digital…
Towards a Common ECSC roadmap
This report aimed to identify the key factors enabling the success of a national cybersecurity competition and to give a snapshot of the current situation in the EU and ECSC partner countries. To do that, we conducted a dozen of interviews with…
ECSC 2020 Analysis Report
This report analyses the efforts provided by ENISA and national partners during the 2020 to support the growing of the European Cyber Security Challenge. The 7th Edition of the European Cyber Security Challenge, ECSC2020 planned initially for the…
Security Framework for Qualified Trust Service Providers
This document proposes a security framework to achieve compliance with Article 19 of the eIDAS Regulation, to which both non-QTSP and QTSP are subject. Nevertheless, Article 19.1 states that the security measures “shall ensure that the level of…
Security Framework for Trust Service Providers
This document proposes a security framework to achieve compliance with Article 19 of the eIDAS Regulation. As illustrated below, this security framework includes specific guidelines for TSP on: 1) Risk management related to the security of the eIDAS…
Recommendations for Qualified Trust Service Providers based on Standards
This document provides recommendations to help qualified trust service providers and auditors understand the expected mapping between these requirements/obligations and reference numbers of standards, as well as practical recommendations for their…