The report outlines the trends of web application attacks and provides guidelines to mitigate them
ENISA Threat Landscape 2020 - Web-based attacks
The report offers an overview of the web-based attacks, provides a compendium of trends and identifies attack vectors. A series of proposed actions for mitigation is provided.
ENISA Threat Landscape 2020 - Distributed denial of service
The report outlines the findings on ddos attacks, provides a description and analysis of the domain and lists relevant recent incidents. A series of proposed actions for mitigation is provided.
ENISA Threat Landscape 2020 - Physical manipulation/ damage/ theft/ loss
The report provides an overview of physical tampering, damage, theft and loss of devices and outlines security practices, trends and findings. It also lists proposed actions for mitigation
Securing Smart Airports
In response to the new emerging threats faced by smart airports, this report provides a guide for airport decision makers (CISOs, CIOs, IT Directors and Head of Operations) and airport information security professionals, but also relevant…
Artificial Intelligence Cybersecurity Challenges
This report presents the Agency's active mapping of the AI cybersecurity ecosystem and its Threat Landscape, realised with the support of the Ad-Hoc Working Group on Artificial Intelligence Cybersecurity. The ENISA AI Threat Landscape not only lays…
Supply Chain Integrity: An overview of the ICT supply chain risks and challenges, and vision for the way forward (2015)
The root of this report is the assertion that Governments, corporations, organizations, and consumers are increasingly reliant on ICT products and services, and thus on the supply chains that deliver them. As a result of this reliance threats to…
European Cybersecurity Month 2022 Campaign Report
The campaign was coupled with the commemoration of the ECSM 10th anniversary in 2022 and focused on two of the most prominent threats:
1. Phishing: so that users may detect and react to the most common attack against individuals.
2. Ransomware: so…
Guidelines for trust service providers - Part 2: Risk assessment
This document covers the following aspects of Trust Service Providers operations:
• Assets: identification, classification and evaluation
• Threats to assets: classification and evaluation
• Vulnerabilities present in the environment
• Probability…