Strategies for incident response and cyber crisis cooperation
This document was prepared for the NIS Platform WG2 members introducing the main functions of CSIRTs from incident handling to crisis coordination – a high-level summary of the basics of incident response based on ENISA’s previous work on CSIRTs and…
The cost of incidents affecting CIIs
The aim of the study is to assess the economic impact of incidents that affect CIIs in EU, based on existing work done by different parties, and set the proper ground for the future work of ENISA in this area.
Analysis of standards related to Trust Service Providers - Mapping of requirements of eIDAS to existing standards
This report on one hand analyses the eIDAS requirements with regard to the standards, on the other analyses currently available standards and compares the results of both analyses. Such a mapping is oriented at the requirements specified in the…
Governance framework for European standardisation
In response to the European Union’s Cybersecurity Strategy, the CSCG has published a White Paper with recommendations on digital security. The CSCG’s recommendations underline the importance of Cybersecurity standardisation to complete the European…
Definition of Cybersecurity - Gaps and overlaps in standardisation
This document analyses the usage of this term by various stakeholders and reviews standardisation activities in the area of Cybersecurity, providing an overview of overlaps and gaps in available standards. It has been written by CSCG and ENISA…
Information security and privacy standards for SMEs
The analysis conducted for this study, based on the interviews with subject matter experts and review of available studies, shows that, despite rising concerns on information security risks, the level of SMEs information security and privacy…
Exploring Cloud Incidents
The use of cloud computing technologies is gaining increased popularity and quickly becoming the norm. At the same time, the cloud service providers (CSP) are not always able to keep up the pace with new technologies. This also affects forensic…
Qualified Website Authentication Certificates
This report proposes six strategies and twelve recommended actions as an escalated approach that targets the most important aspects detected to be critical for (i) improving the website authentication market in Europe and (ii) successfully…
Common practices of EU-level crisis management and applicability to the cyber crises
Despite a number of initiatives within the European Network and Information Security community to establish frameworks and standard operating procedures, the EU-level response to cyber incidents, and in particular these which lead to crisis…
Readiness Analysis for the Adoption and Evolution of Privacy Enhancing Technologies
This report aims at developing a methodology that allows to compare different Privacy Enhancing Tech-nologies (PETs) with regard to their maturity, i.e., their technology readiness and their quality concerning the provided privacy notion. The report…