The annual NIS Investments report presents the findings of a study conducted by ENISA to explore how cybersecurity policy translates in practice across organisations in the EU and its effects on their investments, resources, and operations.
…
Through a more threat-centric approach and further contextual analysis, this latest edition of the ENISA Threat Landscape analyses 4875 incidents over a period spanning from 1 July 2024 to 30 June 2025. At its core, this report provides an…
This report provides technical guidance to support the implementation of the NIS2 Directive for several types of entities in the NIS2 digital infrastructure, ICT service management and digital providers sectors. The cybersecurity requirements for…
This report proposes a methodology for assessing the potential interoperability of risk management (RM) frameworks and methodologies and presents related results. The methodology used to evaluate interoperability stemmed from extensive research…
Today, the internet is a tool used in many educational activities, which increases the amount of
time children are exposed to cyberspace and its risks. Informing young users about the
importance of maintaining personal privacy is not…
The EU Agency for Cybersecurity (ENISA) and the European External Action Service (EEAS) have joined forces to study and analyse the threat landscape concerning Foreign Information Manipulation and Interference (FIMI) and disinformation. A…
This is the tenth edition of the ENISA Threat Landscape (ETL) report, an annual report on the status of the cybersecurity threat landscape. It identifies the top threats, major trends observed with respect to threats, threat actors and attack…
With this report ENISA seeks to give insight on post-standardisation challenges. As a follow-up to ENISA’s 2021 Post-Quantum Cryptography: Current state and quantum mitigation study, the new report explores the necessity to design new…
The ECSF User Manual provides a comprehensive overview of the ECSF’s main scope, framework principles and application opportunities. The primary purpose of the manual is to make the ECSF easily accessible by, understandable for, and usable by all…
The ECSF role profiles document lists the 12 typical cybersecurity professional role profiles along with their identified titles, missions, tasks, skills, knowledge, competences. The main purpose of this framework is to create a common…
This report aims to bring new insights into the reality of ransomware incidents through mapping and studying ransomware incidents from May 2021 to June 2022. Based on the findings, ransomware has adapted and evolved, becoming more efficient and…
By establishing the ENISA Cybersecurity Threat Landscape (CTL) methodology, the Agency aims to set a baseline for the transparent and systematic delivery of horizontal, thematic, and sectorial cybersecurity threat landscapes. The following threat…
This report analyses information and presents an overview of coordinated vulnerability disclosure (CVD) policies at the national level within the EU. Aside from offering a comprehensive overview of the EU CVD state of play, it also provides high-…
Stay updated with ENISA! Sign up for email alerts on publications, events, vacancies, and more.
