Publications

Featured publications

ENISA NIS360

This edition of the ENISA NIS360 report is the third to assess the cybersecurity maturity and criticality of all sectors of high criticality as identified under Annex I of the NIS2 directive. The assessment covers the entire ecosystem of a sector…

NIS Investments 2025

The annual NIS Investments report presents the findings of a study conducted by ENISA to explore how cybersecurity policy translates in practice across organisations in the EU and its effects on their investments, resources, and operations.

NIS2 Technical Implementation Guidance

This report provides technical guidance to support the implementation of the NIS2 Directive for several types of entities in the NIS2 digital infrastructure, ICT service management and digital providers sectors. The cybersecurity requirements for…

All publications

Publish Date

Cloud Computing Risk Assessment

ENISA, supported by a group of subject matter expert comprising representatives from Industries, Academia and Governmental Organizations, has conducted, in the context of the Emerging and Future Risk Framework project, an risks assessment on…

FAQ on NSIE

FAQs to the report Good Practice Guide Network Security
Information Exchanges

EFR Collaboration Platform

This deliverable is the user guide of a portal implementing the collaboration within an EFR assessment (e.g. version management, notification, review, etc.). The document is a draft version that is under review.

Good Practice Guide on Information Sharing

The main aim of this guide is to assist Member States and other relevant stakeholders in setting up and running Network Security Information Exchanges in their own countries. Hopefully the guide will pave the way for an accelerated deployment of…

EFR Framework Handbook

This handbook provides the documentation of the EFR Framework which consists of a scenario-based process model developed in order to assess and manage emerging and future risks.

Being diabetic in 2011

Identifying emerging and future risks in remote health monitoring and treatment

Assessing a simplified Information Security approach

Feedback from RA/RM Pilot

Emerging and Future Risks Executable Workflow, UML Description

This document refines the contents of the Emerging Risk Workflow and provides details that allow for the implementation (both manual and automated) of the EFR process. It is based on UML specification.

Technology-induced challenges in Privacy & Data Protection in Europe

The ENISA Working Group on Privacy & Technology has been established to analyse the problems posed by these technology trends and the implications for the current EU legal framework. The main task of the Working Group is to propose actions to…