This edition of the ENISA NIS360 report is the third to assess the cybersecurity maturity and criticality of all sectors of high criticality as identified under Annex I of the NIS2 directive. The assessment covers the entire ecosystem of a sector…
The annual NIS Investments report presents the findings of a study conducted by ENISA to explore how cybersecurity policy translates in practice across organisations in the EU and its effects on their investments, resources, and operations.
…
This report provides technical guidance to support the implementation of the NIS2 Directive for several types of entities in the NIS2 digital infrastructure, ICT service management and digital providers sectors. The cybersecurity requirements for…
The ECSF role profiles document lists the 12 typical cybersecurity professional role profiles along with their identified titles, missions, tasks, skills, knowledge, competences. The main purpose of this framework is to create a common…
This report aims to bring new insights into the reality of ransomware incidents through mapping and studying ransomware incidents from May 2021 to June 2022. Based on the findings, ransomware has adapted and evolved, becoming more efficient and…
This report provides an aggregated overview of the notified breaches for 2021, analysing root causes, statistics and trends. It marks the sixth round of security incident reporting for the EU’s trust services sector. In this round of annual…
This report provides anonymised and aggregated information about major telecom security incidents in 2021. The 2021 annual summary contains reports of 168 incidents submitted by national authorities from 26 EU Member States (MS) and 2 EFTA…
By establishing the ENISA Cybersecurity Threat Landscape (CTL) methodology, the Agency aims to set a baseline for the transparent and systematic delivery of horizontal, thematic, and sectorial cybersecurity threat landscapes. The following threat…
This document offers a forward-looking perspective on some of these challenges and opportunities. It recognises the importance of key structural trends with major implications for the EU's digital ambitions to 2030 and beyond.
This report analyses information and presents an overview of coordinated vulnerability disclosure (CVD) policies at the national level within the EU. Aside from offering a comprehensive overview of the EU CVD state of play, it also provides high-…
This report analyses demand and supply of IoT cybersecurity in distribution grids. It provides detailed indications on how this market might further develop in the future. The conclusions provided in the report are related to the envisaged scope…
This document is the cornerstone of ENISA activities in analysing the EU cybersecurity market: it presents a cybersecurity market analysis framework as a “cookbook” on how EU cybersecurity market analyses can be performed.
This report aims to identify the skills, exercises and training needed to ensure that the information exchange among the European information sharing and analysis centres (ISACs) is effective and efficient.
Stay updated with ENISA! Sign up for email alerts on publications, events, vacancies, and more.
