This edition of the ENISA NIS360 report is the third to assess the cybersecurity maturity and criticality of all sectors of high criticality as identified under Annex I of the NIS2 directive. The assessment covers the entire ecosystem of a sector…
The annual NIS Investments report presents the findings of a study conducted by ENISA to explore how cybersecurity policy translates in practice across organisations in the EU and its effects on their investments, resources, and operations.
…
This report provides technical guidance to support the implementation of the NIS2 Directive for several types of entities in the NIS2 digital infrastructure, ICT service management and digital providers sectors. The cybersecurity requirements for…
EISAS – European Information Sharing and Alerting – has proven to be a great opportunity to enhance collaboration and foster awareness-raising actions across Europe. ENISA helped design EISAS, but now EISAS has to run by itself.
The…
The proposed NIS Directive mentions cloud computing explicitly. This is not surprising. Cloud infrastructures play an increasingly important role in the digital society. A large part of the EU’s Digital Agenda is the European cloud strategy which…
Much of Europe’s critical infrastructure which resides in sectors such as energy, transportation,water supply is largely managed and controlled by SCADA (Supervisory Control and Data Acquisition) systems, a subgroup of Industrial Control Systems…
This document builds upon the current practice of CSIRTs with responsibilities for ICS networks, and also on the earlier work of ENISA on a baseline capabilities scheme for national/ governmental (n/g) CSIRTs. The document is an initial attempt…
This Good Practice Collection was produced at the initiative of ENISA in the context of its support activities to ensure the efficient functioning of CSIRTs and their cooperation with Law Enforcement Agencies (LEAs) in the face of a new…
Mobile communications are an integral part of everyday life. In less than 30 years they have surpassed the traditional fixed line telephony. Every day millions of European citizens rely on mobile telephony for work, social life, but also to…
This guide complements the existing set of ENISA guides that support Computer Emergency Response Teams (CERTs, also known as CSIRTs). It describes good practices and provides practical information and guidelines for the process of preparing and…
This report aims at providing input for the adoption of a framework on privacy certifications, as well as for eGovernment certification in Europe. There are numerous IT security certification schemes across the European Member States that can…
The focus of this report is on the threat and incident information exchange and sharing practices used among CERTs in Europe, especially, but not limited to, national/governmental CERTs.
It aims at:
- Taking stock of existing…
This report is based on a study and analysis of approaches to national-level risk assessment and threat modelling for cyber security which was conducted between April and October 2013. ENISA aims to provide an evidence-based methodology for…
Stay updated with ENISA! Sign up for email alerts on publications, events, vacancies, and more.
