The annual NIS Investments report presents the findings of a study conducted by ENISA to explore how cybersecurity policy translates in practice across organisations in the EU and its effects on their investments, resources, and operations.
…
Through a more threat-centric approach and further contextual analysis, this latest edition of the ENISA Threat Landscape analyses 4875 incidents over a period spanning from 1 July 2024 to 30 June 2025. At its core, this report provides an…
This report provides technical guidance to support the implementation of the NIS2 Directive for several types of entities in the NIS2 digital infrastructure, ICT service management and digital providers sectors. The cybersecurity requirements for…
This report (ETL 2015), is the result of an analysis of cyber-threats that have been encountered in the last 12 months, that is, approximately between December 2014 and December 2015. ETL 2015 is the fourth in a series of reports issued yearly by…
This Threat Landscape and Good Practice Guide for Big Data provides an overview of the current state of security in the Big Data area. In particular, it identifies Big Data assets, analyses exposure of these assets to threats, lists threat agents…
This study reviews threats and potential compromises related to the security of SDN/5G networks. More specifically, this report has identified related network assets and the security threats, challenges and risks arising for these assets. Driven…
This Report on Information Sharing and Common Taxonomies between CSIRTs and Law Enforcement Agencies (LEAs) was produced at the initiative of ENISA with the objective to enhance cooperation both between the Member States (MS) of the EU and…
This study takes stock of and analyses the different approaches the EU Member States take to protect their critical information infrastructures by presenting key findings, the different CIIP governance structures and by emphasizing on good…
Vulnerabilities are ‘flaws’ or ‘mistakes’ in computer-based systems that may be exploited to compromise the network and information security of affected systems. They provide a point-of-entry or gateway to exploit a system and as such pose…
This study proposes a pragmatic approach that will highlight the critical assets of Intelligent Public Transport systems. It gives an overview of the existing security measures (good practices) that could be deployed to protect these critical…
The main objective of this study is to model the architecture of the transport sector in SCs and to describe good cyber security practices of IPT operators. The good practices are put into a relationship with different city maturity levels. This…
This report focuses on the maturity of national and governmental Computer Security and Incident Response Teams (CSIRTs) and the Trusted Introducer1 certification scheme for CSIRTs as an indicator of the maturity level of teams. The issues covered…
The aim of this study is to investigate the approaches and measures MS take to protect critical healthcare systems, having as a main goal improved healthcare and patient safety. In that respect this study analyses:
- The policy context in…
Stay updated with ENISA! Sign up for email alerts on publications, events, vacancies, and more.
