Publications

Featured publications

ENISA Threat Landscape 2024

Seven prime cybersecurity threats were identified in 2024, with threats against availability topping the chart and followed by ransomware and threats against data, and the report provides a relevant deep-dive on each one of them by analysing…

Foresight Cybersecurity Threats For 2030 - Update 2024: Executive Summary

This is the executive summary of the second iteration of The “ENISA Foresight Cybersecurity Threats for 2030” study that represents a comprehensive analysis and assessment of emerging cybersecurity threats projected for the year 2030. The report…

Best Practices for Cyber Crisis Management

This study highlights the complexities behind the notion of cyber crisis and the degree of subjectivity it involves. The elevation of a large-scale cyber incident into a cyber crisis relies predominantly on a political decision, and depends…

All publications

Publish Date

Good Practices for Supply Chain Cybersecurity

The report provides an overview of the current supply chain cybersecurity practices followed by essential and important entities in the EU, based on the results of a 2022 ENISA study which focused on investments of cybersecurity budgets among…

Trust Services-Secure move to the cloud of the eIDAS ecosystem

This report includes a detailed analysis on the different technical requirements that must be addressed considering the relevant standards. It also gives an overview of practical experiences on the move of trust services to the cloud, based on the…

Artificial Intelligence and Cybersecurity Research

The aim of this study is to identify needs for research on AI for cybersecurity and on securing AI, as part of ENISA’s work in fulfilling its mandate under Article 11 of the Cybersecurity Act . This report is one of the outputs of this task. In it…

Cybersecurity and privacy in AI - Forecasting demand on electricity grids

This report allows better assessment of the reality that artificial intelligence brings its own set of threats, which consequently insists on the search for new security measures to counter them. Finally, it should be noted that this guide strongly…

Cybersecurity and privacy in AI - Medical imaging diagnosis

This report allows better assessment of the reality that artificial intelligence brings its own set of threats, which consequently insists on the search for new security measures to counter them. Finally, it should be noted that this guide strongly…

Multilayer Framework for Good Cybersecurity Practices for AI

In this report, we present a scalable framework to guide NCAs and AI stakeholders on the steps they need to follow to secure their AI systems, operations and processes by using existing knowledge and best practices and identifying missing elements.…

5G Security Controls Matrix

The ENISA 5G Security controls matrix is a comprehensive and dynamic matrix of security controls and best practices for 5G networks, to support the national authorities in the EU Member States with implementing the technical measures of the EU’s 5G…

DNS Identity

This report provides a view of authentication and verification of domain name owners in the context of domain name registration. It identifies the security challenges, good practices, security controls and associated risks in the domain name…

Cybersecurity Support Action

The ENISA Cybersecurity Support Action provides ex-post and ex-ante services and assistance to Member States' NIS2 Directive entities.

European Cybersecurity Month 2022 Campaign Report

The campaign was coupled with the commemoration of the ECSM 10th anniversary in 2022 and focused on two of the most prominent threats: 1. Phishing: so that users may detect and react to the most common attack against individuals. 2. Ransomware: so…