Publications

Featured publications

NIS2 Technical Implementation Guidance

Download

This report provides technical guidance to support the implementation of the NIS2 Directive for several types of entities in the NIS2 digital infrastructure, ICT service management and digital providers sectors. The…

ENISA NIS360 2024

Download

The NIS360 is a new ENISA product that assesses the maturity and criticality of sectors of high criticality under the NIS2 Directive, providing both a comparative overview and a more in-depth analysis of each sector. The NIS360 is designed to…

2024 Report on the State of the Cybersecurity in the Union

Download

This document marks the first report on the state of cybersecurity in the Union, adopted by ENISA in cooperation with the NIS Cooperation Group and the European Commission, in accordance with Article 18 of the Directive (EU) 2022/2555 (…

All publications

By topics

By type

Publish Date
Remote_ID_Proofing.png

Remote ID Proofing - Good practices

Through this report, ENISA aims to enhance stakeholder awareness, facilitate risk analysis in evolving threat landscapes, and bolster trustworthiness in remote identity proofing methods.

Private Sector
ENISA_Single_Programming_Document_2024-2026-Condensed_version.png

ENISA Single Programming Document 2024 - 2026 - Condensed version

The 2024 Work Programme outlines planned activities and objectives aimed at enhancing cybersecurity across the EU.

Best_Practices_for_Cyber_Crisis_Management.png

Best Practices for Cyber Crisis Management

This study highlights the complexities behind the notion of cyber crisis and the degree of subjectivity it involves. The elevation of a large-scale cyber incident into a cyber crisis relies predominantly on a political decision, and depends…

National / EU authorities

Trust Services Security Incidents 2022

This report, the Annual Report Trust Services Security Incidents 2022, provides an aggregated overview of the notified breaches for 2022, analysing root causes, statistics and trends. This report marks the sixth round of security incident reporting…
National / EU authorities

Cyber Insurance - Models and methods and the use of AI

The main objective of this report is to introduce cyber risk and cyber insurance, provide an overview of existing research and modelling approaches, and identify gaps for upcoming research projects.
Private Sector

Low Earth Orbit (LEO) SATCOM Cybersecurity Assessment

This report explores the cybersecurity of Low Earth Orbit (LEO) constellations providing telecommunications services (LEO satcom). Examining various threats and risks-technical, financial, or commercial the landscape of potential attacks is vast. It…
Private Sector

Market of Cybersecurity Assessments

This Report aims at presenting the current state of play of cybersecurity assessments of ICT products and cloud services. In order to study the dynamic of the related market, the report focuses on the evolution of the number of assessed ICT…
National / EU authorities

ENISA Single Programming Document 2024 - 2026

Including multiannual planning, work programme 2024 and multiannual staff planning.

Engineering Personal Data Protection in EU Data Spaces

Common European data spaces (EU data spaces) are a novel concept introduced in the European strategy for data and elaborated further within the Data Governance Act (DGA). This report attempts to contextualise the main design principles regarding…
Private Sector
ENISA Threat Landscape for DoS Attacks

ENISA Threat Landscape for DoS Attacks

Denial-of-Service (DoS) attacks have been a constant security concern for organisations. However, in the last few years, DoS attacks have become easier, cheaper and more aggressive than ever before. The emergence of new armed conflicts around the…
National / EU authoritiesPrivate Sector