This report addresses the market for Managed Security Services (MSS) on both the demand and the supply side. It addresses MSS usage patterns, compliance and skills certification, threats, requirements, incidents and challenges…
EU Managed Security Services Certification to drive the cybersecurity market
Following the request of the European Commission for the development of a candidate certification scheme for Managed Security Services, the EU Agency for Cybersecurity (ENISA) launches a call for expression of interest to participate in the…
Cyber Resilience Act Requirements Standards Mapping - Joint Research Centre & ENISA Joint Analysis
To facilitate adoption of the CRA provisions, these requirements need to be translated into the form of harmonised standards, with which manufacturers can comply. In support of the standardisation effort, this study attempt to identify the most…
Remote ID Proofing - Good practices
Through this report, ENISA aims to enhance stakeholder awareness, facilitate risk analysis in evolving threat landscapes, and bolster trustworthiness in remote identity proofing methods.
Engineering Personal Data Protection in EU Data Spaces
Common European data spaces (EU data spaces) are a novel concept introduced in the European strategy for data and elaborated further within the Data Governance Act (DGA). This report attempts to contextualise the main design principles regarding…
Digital Identity Standards
This report gives an overview of the most important standards and standardisation organisations in this area. This information is useful for the novice, to find out what is available, but also for more experienced readers who might not be aware of…
Trust Services-Secure move to the cloud of the eIDAS ecosystem
This report includes a detailed analysis on the different technical requirements that must be addressed considering the relevant standards. It also gives an overview of practical experiences on the move of trust services to the cloud, based on the…
DNS Identity
This report provides a view of authentication and verification of domain name owners in the context of domain name registration. It identifies the security challenges, good practices, security controls and associated risks in the domain name…
Cybersecurity of AI and Standardisation
The overall objective of the present document is to provide an overview of standards (existing, being drafted, under consideration and planned) related to the cybersecurity of artificial intelligence (AI), assess their coverage and identify gaps in…
Engineering Personal Data Sharing
This report attempts to look closer at specific use cases relating to personal data sharing, primarily in the health sector, and discusses how specific technologies and considerations of implementation can support the meeting of specific data…