Information sharing and common taxonomies between CSIRTs and Law Enforcement
This Report on Information Sharing and Common Taxonomies between CSIRTs and Law Enforcement Agencies (LEAs) was produced at the initiative of ENISA with the objective to enhance cooperation both between the Member States (MS) of the EU and between…
Stocktaking, Analysis and Recommendations on the protection of CIIs
This study takes stock of and analyses the different approaches the EU Member States take to protect their critical information infrastructures by presenting key findings, the different CIIP governance structures and by emphasizing on good…
Good Practice Guide on Vulnerability Disclosure. From challenges to recommendations
Vulnerabilities are ‘flaws’ or ‘mistakes’ in computer-based systems that may be exploited to compromise the network and information security of affected systems. They provide a point-of-entry or gateway to exploit a system and as such pose…
Architecture model of the transport sector in Smart Cities
The main objective of this study is to model the architecture of the transport sector in SCs and to describe good cyber security practices of IPT operators. The good practices are put into a relationship with different city maturity levels. This…
Cyber Security and Resilience of Intelligent Public Transport. Good practices and recommendations
This study proposes a pragmatic approach that will highlight the critical assets of Intelligent Public Transport systems. It gives an overview of the existing security measures (good practices) that could be deployed to protect these critical assets…
CSIRT Capabilities. How to assess maturity? Guidelines for national and governmental CSIRTs
This report focuses on the maturity of national and governmental Computer Security and Incident Response Teams (CSIRTs) and the Trusted Introducer1 certification scheme for CSIRTs as an indicator of the maturity level of teams. The issues covered…
Security and Resilience in eHealth Infrastructures and Services
The aim of this study is to investigate the approaches and measures MS take to protect critical healthcare systems, having as a main goal improved healthcare and patient safety. In that respect this study analyses:
- The policy context in Europe and…
Online privacy tools for the general public
ENISA has published a study in the area of PETs for the protection of online privacy (online privacy tools) with two main objectives: a) to define the current level of information and guidance that is provided to the general public and b) to provide…
Privacy by design in big data
The extensive collection and further processing of personal information in the context of big data analytics has given rise to serious privacy concerns, especially relating to wide scale electronic surveillance, profiling, and disclosure of private…
Cyber Security Information Sharing: An Overview of Regulatory and Non-regulatory Approaches
This study aims to present the regulatory and non-regulatory approaches of EU Member States as well as EEA and EFTA countries to share information on cyber incidents, the different sector regulation challenges of managing cyber security issues, and…