Image
This report provides technical guidance to support the implementation of the NIS2 Directive for several types of entities in the NIS2 digital infrastructure, ICT service management and digital providers sectors. The…
Featured publications
ENISA NIS360 2024
The NIS360 is a new ENISA product that assesses the maturity and criticality of sectors of high criticality under the NIS2 Directive, providing both a comparative overview and a more in-depth analysis of each sector. The NIS360 is designed to…
2024 Report on the State of the Cybersecurity in the Union
This document marks the first report on the state of cybersecurity in the Union, adopted by ENISA in cooperation with the NIS Cooperation Group and the European Commission, in accordance with Article 18 of the Directive (EU) 2022/2555 (…
All publications
Data Pseudonymisation: Advanced Techniques and Use Cases
This report, building on the basic pseudonymisation techniques, examines advanced solutions for more complex scenarios that can be based on asymmetric encryption, ring signatures and group pseudonyms, chaining mode, pseudonyms based on multiple…
2020 Report on CSIRT-LE Cooperation: study of roles and synergies among selected countries
The purpose of this report is to further explore and support the cooperation between computer security incident response teams (CSIRTs), in particular national and governmental (n/g) CSIRTs, and law enforcement agencies (LEAs) and their…
Cloud Security for Healthcare Services
This study aims to provide Cloud security practices for the healthcare sector and identify security aspects, including relevant data protection aspects, to be taken into account when procuring Cloud services for the healthcare industry. The set of…
EUCS – Cloud Services Scheme
This publication is a draft version of the EUCS candidate scheme (European Cybersecurity Certification Scheme for Cloud Services), which looks into the certification of the cybersecurity of cloud services. In accordance with Article 48.2 of the…
Guidelines - Cyber Risk Management for Ports
This report aims to provide port operators with good practices for cyber risk assessment that they can adapt to whatever risk assessment methodology they follow. In order to achieve this, this report introduces a four-phase approach to cyber risk…
Artificial Intelligence Cybersecurity Challenges
This report presents the Agency's active mapping of the AI cybersecurity ecosystem and its Threat Landscape, realised with the support of the Ad-Hoc Working Group on Artificial Intelligence Cybersecurity. The ENISA AI Threat Landscape not only lays…
ENISA Threat Landscape for 5G Networks Report
This report is an update of the ENISA 5G Threat Landscape, published in its first edition in 2019. This document is a major update of the previous edition. It encompasses all novelties introduced, it captures developments in the 5G architecture and…
NIS Investments Report 2020
Four years after the NIS Directive entered into force and two years after the transposition by Member States into their national laws, this report presents the findings of a survey of 251 organisations across five EU Member States (France, Germany,…
How to set up CSIRT and SOC
This publication provides results-driven guidance for those who are interested in establishing a computer security incident response team (CSIRT) or security operations centre (SOC), and guidance on possible improvements for different types of…
Sectoral CSIRT Capabilities - Energy and Air Transport
This study provides a continuation of work on Sectoral IRC at European level following the publication of the 2019 “EU Member States incident response development status report”. The report focuses on trends in Energy and Air Transport Incident…