Assessment of EU Telecom Security Legislation
European Union telecom security legislation has been changing over the last few years. In light of these policy changes, ENISA carried out an assessment of the implementation of EU telecom security policy, to inform policy makers in the Commission…
5G Supplement - to the Guideline on Security Measures under the EECC
This document contains a 5G technology profile which supplements the technology-neutral Guideline on Security Measures under the EECC. The document gives additional guidance to competent national authorities about how to ensure implementation and…
Guideline on Security Measures under the EECC
This document, the Technical Guideline for Security Measures, provides guidance to competent authorities about the technical details of implementing Articles 40 and 41 of the EECC: how to ensure that providers assess risks and take appropriate…
Cybersecurity for SMEs - Challenges and Recommendations
In response to the COVID19 pandemic, ENISA analysed the ability of SMEs within the EU to cope with the cybersecurity challenges posed by the pandemic and determining good practices to address those challenges. This report provides cybersecurity…
Cybersecurity guide for SMEs - 12 steps to securing your business
The COVID-19 crisis showed how important the Internet and computers in general are for SMEs. In order to thrive in business during the pandemic many SMEs had to take business continuity measures, such as adopting to cloud services, improving…
PSIRT Expertise and Capabilities Development
This study focuses on the Sectoral CSIRT and PSIRT capabilities status and development within the Energy and Health sectors as specified within the NIS directive. A desk research has been conducted, followed by a survey which was answered by 7…
Public Consultation on the draft Candidate EUCC Scheme
This report presents the outcome of the public consultation on the first draft of the cybersecurity certification candidate EUCC scheme. The scheme was developed following the request from the European Commission in accordance with Article 48.2 of…
Cybersecurity Certification: Candidate EUCC Scheme V1.1.1
Following the request from the European Commission in accordance with Article 48.2 of the Cybersecurity Act, ENISA has set up an Ad Hoc Working Group to support the preparation of a candidate EU cybersecurity certification scheme as a successor to…
CTF Events
This report addresses the contemporary use of capture-the-flag (CTF) competitions around the world. It first provides background on such competitions, their structure and variations. Analyses of recent competitions is then conducted, comprising an…
Recommendations for the security of CAM
The aim of this report is to provide a high-level overview of the cybersecurity challenges in the CAM sector and to highlight both the concerned CAM actors and associated recommendations. Cybersecurity in the CAM ecosystem is partially standardised…