Publications

Featured publications

ENISA NIS360

This edition of the ENISA NIS360 report is the third to assess the cybersecurity maturity and criticality of all sectors of high criticality as identified under Annex I of the NIS2 directive. The assessment covers the entire ecosystem of a sector…

NIS Investments 2025

The annual NIS Investments report presents the findings of a study conducted by ENISA to explore how cybersecurity policy translates in practice across organisations in the EU and its effects on their investments, resources, and operations.

NIS2 Technical Implementation Guidance

This report provides technical guidance to support the implementation of the NIS2 Directive for several types of entities in the NIS2 digital infrastructure, ICT service management and digital providers sectors. The cybersecurity requirements for…

All publications

Publish Date

Telecom Security During a Pandemic

The COVID-19 pandemic not only highlighted the importance of electronic communication networks and services for the EU’s society and economy, but it also triggered major changes and challenges in their use in the EU and worldwide. In this paper,…

Cybersecurity Stocktaking in the CAM

In this document, the CAM ecosystem and insights involving stakeholder interactions, critical services and infrastructures, standards, as well as security measures are described. The insights gained from the survey, interviews, and desk research…

Railway Cybersecurity

This ENISA study regards the level of implementation of cybersecurity measures in the railway sector, within the context of the enforcement of the NIS Directive in each European Member State. It presents a thorough list of essential railway…

Guidelines for Securing the Internet of Things

This ENISA study defines guidelines for securing the supply chain for IoT. ENISA with the input of IoT experts created security guidelines for the whole lifespan: from requirements and design, to end use delivery and maintenance, as well as…

ENISA Threat Landscape 2020 - Cyber threat intelligence overview

The report assesses the state-of-play of cyber threat intelligence (CTI) as a dynamic cybersecurity domain. This analysis aims to indicate the main trends in the expeditious development of CTI by providing relevant references and summarizing the…

ENISA Threat Landscape - Emerging trends

With the start of a new decade, significant changes can be expected in the way we perceive and understand cybersecurity or the security of cyberspace. The report lists relevant cybersecurity challenges and the top five trends with cyberthreats.…

ENISA Threat Landscape 2020 - Botnet

The report outlines the findings related to botnet, provides a description and analysis of the domain and lists relevant recent incidents. A series of proposed actions for mitigation is provided.

ENISA Threat Landscape 2020 - Cryptojacking

The report outlines the findings on cryptojacking, provides a description and analysis of the domain and lists relevant recent incidents. A series of proposed actions for mitigation is provided.

ENISA Threat Landscape 2020 - Cyber espionage

The report outlines the trends related to cyber espionage attacks and provides guidelines to mitigate them.

ENISA Threat Landscape 2020 - Data Breach

The report outlines the findings on data breach, provides a description and analysis of the domain and lists relevant recent incidents. A series of proposed actions for mitigation is provided.