Compendium of Risk Management Frameworks with Potential Interoperability
This report presents the results of desktop research and the analysis of currently used
cybersecurity Risk Management (RM) frameworks and methodologies with the potential
for interoperability. The identification of the most prominent RM frameworks…
Consultation on the draft of the candidate Certification Scheme on Cloud Services (EUCS) - Closed
The European Union Agency for Cybersecurity (ENISA) launched a public consultation from the 22nd December 2020 to the 7th of February 2021 on its first draft of the candidate European Union Cybersecurity Certification Scheme on Cloud Services (…
Securing Machine Learning Algorithms
Based on a systematic review of relevant literature on machine learning, in this report we provide a taxonomy for machine learning algorithms, highlighting core functionalities and critical stages. The report also presents a detailed analysis of…
How to Avoid SIM-Swapping - Leaflet
This leaflet, addresses the SIM-swapping attacks, how to recognise them and how to mitigate the risk connected to this fraud. In fact, subscriber Identity Module (SIM) swapping is a legitimate procedure performed by a customer to change their SIM…
Countering SIM-Swapping
In this study, we give an overview of how SIM-Swapping attacks work, list measures that providers can take to mitigate the attack and make recommendations for policy makers and authorities in the telecom sector and other sectors. Security of…
Raising Awareness of Cybersecurity
This report seeks to assist EU Member States in further building their cybersecurity capacities by analysing best practices on raising citizens’ awareness of cybersecurity. We have collected information and evaluated the intensity, regularity and…
Railway Cybersecurity - Good Practices in Cyber Risk Management
This report aims to be a reference point for current good practices for cyber risk management approaches that are applicable to the railway sector. It offers a guide for railway undertakings and infrastructure managers to select, combine or adjust…
Addressing Skills Shortage and Gap Through Higher Education
In this report, ENISA contributes to both practice and research on the cybersecurity skills shortage and gap in two distinctive areas. Firstly, it provides an overview of the current supply of cybersecurity skills in Europe through an analysis of…
Foresight Challenges
This report aims to highlight the most relevant foresight methods based on ubiquity or suitability to ENISA’s core needs to adequately address future cybersecurity threats and shape a more secure society. In fact, foresight enables reflection on…
NIS Investments Report 2021
Following the 2020 NIS Investment publication, this report covers all 27 EU Member States and offering additional insights into the allocation of NIS budgets of OES/DSP, the economic impact of cybersecurity incidents and the organisation of…