Search results

133 items matching your search terms.
Filter the results.
Item type



















































New items since



Sort by relevance · date (newest first) · alphabetically
Report/Study Octet Stream Proposal for One Security Framework for Articles 4 and 13a
There are two pieces of EU legislation which explicitly mention security measures in the telecom sector: Article 4 of the e-Privacy directive asks providers to take security measures to protect security of personal data processing. Article 13a of the Framework directive asks providers to take security measures to protect security of the provided networks and services. It has been argued there is an 80% overlap between the two articles. ENISA would like to leverage this overlap and in this way optimize the implementation of both articles across the EU and where possible achieve harmonization between the implementation of Article 13a and Article 4. We look forward to discussing and developing this proposal further with all competent authorities (on Article 13a and 4), including DPAs and NRAs.
Located in Publications
Report/Study Security incidents indicators - measuring the impact of incidents affecting electronic communications
Measuring the impact of incidents has become one of the toughest challenges nowadays, given the multitude of factors/indicators that must be taken into consideration. To address this issue, indicators are used, accompanied by thresholds, to assess the impact of incidents. This approach allows evaluation of incidents from various perspectives, such as business perspective, compliance with regulations, root causes, impact on customers etc. Incidents can vary in nature, and this report tries to include as many indicators as possible, so that as many types of incidents as possible are covered.
Located in Publications
Report/Study ECMAScript program Power Supply Dependencies in the Electronic Communications Sector
Electronic communications are the backbone of the EU’s digital society. Article 13a of the EU’s electronic communications Framework directive asks EU Member States to ensure the security and resilience of public electronic communications networks and services. As part of the implementation of Article 13a, National Regulatory Authorities (NRAs) in the EU collect reports about incidents with a significant impact on the electronic communications networks and services. Yearly, ENISA publishes an annual report which summarizes these incident reports and provides an aggregate analysis of major outages. As can be seen in the ENISA annual report, power cuts are a dominant cause of severe network and service outages in the EU’s electronic communications sector. In the report “Power Supply Dependencies in the Electronic Communications Sector”, we study these incidents in more detail and we make recommendations to NRAs and electronic communications service providers and to some extent also to actors in the energy sector as well as civil protection authorities. Our recommendations are aimed at improving the electronic communications sector’s ability to withstand and act efficiently after power cuts.
Located in Publications
Report/Study Cyber Incident Reporting in the EU
We summarize different security articles in EU legislation which mandate cyber incidents and cyber security measures. In a single diagram we give an overview of Article 13a and Article 4 of the Telecom package, Article 15 of the proposed eID/eSig regulation, and articles 30, 31, and 32 of the proposed Data Protection regulation. We also look ahead to the EU Cyber security strategy and we raise a number of issues that we believe should be addressed in the near future.
Located in Publications
Report/Study Technical guideline for Incident Reporting
This document describes a framework for security incident reporting based on the requirements set by article 19 of the eIDAS regulation. It is being developed on a consensus basis between the experts of the working group formed by ENISA and it is reviewed by various relevant stakeholders from both the private and the public sector. The final report includes the consensual contributions and modifications of all stakeholders involved in its development and as such it is not a binding guideline.
Located in Publications
Report/Study Incident Reporting for Cloud Computing
The proposed NIS Directive mentions cloud computing explicitly. This is not surprising. Cloud infrastructures play an increasingly important role in the digital society. A large part of the EU’s Digital Agenda is the European cloud strategy which aims to speed up adoption of cloud computing for financial and economic benefits. ENISA has often underlined the security opportunities of cloud computing. In this report we analyse how cloud providers, customers in critical sectors, and government authorities can set up cloud security incident reporting schemes.
Located in Publications
Report/Study chemical/x-pdb Good Practice Guide for Incident Management
This guide complements the existing set of ENISA guides that support Computer Emergency Response Teams. It describes good practices and provides practical information and guidelines for the management of network and information security incidents with an emphasis on incident handling.
Located in Publications
EQR Issue EQR Q1 2009, vol. 5, no. 1
Resilience of Communication Networks - Part II
Located in Publications / ENISA Quarterly Review - Archive / Past Issues
EQR Issue EQR Q4 2005, vol. 1, no. 3
Open issue
Located in Publications / ENISA Quarterly Review - Archive / Past Issues
EQR Issue EQR Q1 2006, vol. 2, no. 1
Open issue
Located in Publications / ENISA Quarterly Review - Archive / Past Issues

We use cookies on our website to support technical features that enhance your user experience.
We also use analytics. To opt-out from analytics, click for more information.

I've read it More information