Publications

Featured publications

ENISA Threat Landscape 2025

Download

Through a more threat-centric approach and further contextual analysis, this latest edition of the ENISA Threat Landscape analyses 4875 incidents over a period spanning from 1 July 2024 to 30 June 2025. At its core, this report provides an…

NIS2 Technical Implementation Guidance

Download

This report provides technical guidance to support the implementation of the NIS2 Directive for several types of entities in the NIS2 digital infrastructure, ICT service management and digital providers sectors. The…

ENISA NIS360 2024

Download

The NIS360 is a new ENISA product that assesses the maturity and criticality of sectors of high criticality under the NIS2 Directive, providing both a comparative overview and a more in-depth analysis of each sector. The NIS360 is designed to…

All publications

By topics

By type

Publish Date

ENISA Cybersecurity Market Analysis Framework (ECSMAF)

This document is the cornerstone of ENISA activities in analysing the EU cybersecurity market: it presents a cybersecurity market analysis framework as a “cookbook” on how EU cybersecurity market analyses can be performed.
National / EU authorities

EU Cybersecurity Market Analysis - IoT in Distribution Grid

This report analyses demand and supply of IoT cybersecurity in distribution grids. It provides detailed indications on how this market might further develop in the future. The conclusions provided in the report are related to the envisaged scope,…
National / EU authorities
cross-sector exercise requirements

Cross-Sector Exercise Requirements

This report aims to identify the skills, exercises and training needed to ensure that the information exchange among the European information sharing and analysis centres (ISACs) is effective and efficient.
National / EU authoritiesPrivate Sector

European Cybersecurity Month 2021 - Deployment report

The deployment report of the European Cybersecurity Month (ECSM) for 2021, summarises the activities introduced towards reducing cyber incidents. It evaluates the campaign of last year and provides insights for the future.
Private Sector

Deploying Pseudonymisation Techniques

Pseudonymisation is increasingly becoming a key security technique for providing a means that can facilitate personal data processing, while offering strong safeguards for the protection of personal data and thereby safeguarding the rights and…
Private Sector

5G Cybersecurity Standards

This report outlines the contribution of standardisation to the mitigation of technical risks, and therefore to trust and resilience, in the 5G ecosystem. This report focuses on standardisation from a technical and organisational perspective.
Private Sector

Risk Management Standards

The purpose of this document is to provide a coherent overview of published standards that address aspects of risk management and subsequently describe methodologies and tools that can be used to conform with or implement these standards.
National / EU authoritiesPrivate Sector

Cyber Threats Outreach In Telecom

In this paper, we aim to give guidance to national Authorities and providers of electronic communications networks and services regarding how to strike the right balance and carry out efficient and effective outreach to users about cyber threats.
National / EU authoritiesPrivate Sector

Cyber Threats Outreach In Telecom - Leaflet

This leaflet provides basic guidelines for National Authorities and telecom providers on how to inform users about cyber threats.

2021 Report on CSIRT-Law Enforcement Cooperation

The purpose of this report is to further explore and support the cooperation between computer security incident response teams (CSIRTs), in particular national and governmental CSIRTs, and Law enforcement agencies (LEAs) and their interactions with…
National / EU authorities