Port Cybersecurity - Good practices for cybersecurity in the maritime sector
Developed in collaboration with several EU ports, this report intends to provide a useful foundation on which CIOs and CISOs of entities involved in the port ecosystem, especially port authorities and terminal operators, can build their…
ENISA good practices for security of Smart Cars
This report defines good practices for security of smart cars, namely connected and (semi-) autonomous vehicles, providing added-value features in order to enhance car users’ experience and improve car safety. Taking stock of all existing…
ENISA threat landscape for 5G Networks
This report draws an initial threat landscape and presents an overview of the challenges in the security of 5G networks. Its added value lays with the creation of a comprehensive 5G architecture, the identification of important assets (asset diagram…
Good Practices for Security of IoT - Secure Software Development Lifecycle
This ENISA study introduces good practices for IoT security, with a particular focus on software development guidelines for secure IoT products and services throughout their lifetime. Establishing secure development guidelines across the IoT…
Good practices in innovation on Cybersecurity under the NCSS
ENISA supports the efforts aimed to enhance the overall level of cybersecurity in the Member States (MS) both at a national and EU level. This report supports that effort by analysing how Member States are approaching innovation as a strategic…
SOG-IS Transposition
the overall scope of this study was to explore and provide an analysis of any likely impediments introduced by the Cybersecurity Act proposal [CSA_P] on a possible transposition of the existing SOG-IS MRA while identifying open challenges that…
Assessment of ETSI TS 119 403-3 related to eIDAS
This document assesses the eligibility of [ETSI TS 119 403-3], and the standards it builds upon, to be referenced in an implementing act adopted pursuant to Art.20(4) of the eIDAS Regulation. The findings suggest that if certain revisions take place…
Stock taking of security requirements set by different legal frameworks on OES and DSPs
In order to support organisations in their process of identifying appropriate security measures, based on the provisions of both NISD and GDPR, this report uses as basis the pre-existing ENISA guidance and presents a mapping of already identified…
AI an opportunity for the EU cyber crisis blueprint - Report
On the 3rd and 4th of June 2019, ENISA organized in Athens, Greece, a conference on Artificial Intelligence in the EU cyber crisis blueprint context under the title ‘ Artificial Intelligence-An opportunity for the EU cyber-crisis management’.…
Secure Group Communications for incident response and operational communities
With a number of cybersecurity incidents and an attack surface that increase every day, spanning from large infrastructures to the end users, there is the need to improve operational cooperation, preparedness and information exchange by promoting…