Flash note: Cyber-attacks – a new edge for old weapons
The EU’s cyber security agency ENISA has analysed recent major cyber-attacks and is calling for Europe’s businesses and government organisations to take urgent action to combat emerging attack trends. These are characterised by established attack…
Priorities for EU research
The objective of this current document is to provide an analysis of the research proposals of the ECSO SRIA document by briefly summarizing each research priority, and highlighting the areas where the priorities have to be aligned with the…
Ontology and taxonomies of resilience
Existing standards in the field have so far only addressed resilience indirectly and thus without detailed definition of the taxonomy and thus of the semantics of security. The primary purpose of an ontology and taxonomies defined in this context is…
Emergency Communications Stocktaking
The Emergency Communications Stocktaking project is an initiative of the European Network and Information Security Agency (ENISA) to determine how emergency services communicate within their own organisations and with each other in times of…
Deploying Pseudonymisation Techniques
Pseudonymisation is increasingly becoming a key security technique for providing a means that can facilitate personal data processing, while offering strong safeguards for the protection of personal data and thereby safeguarding the rights and…
Cybersecurity Culture Guidelines: 'Technical Annex: Evidence Reviews'
This technical annex contains the four reviews that supported the writing of the report Review of “Behavioural Sciences Research in the Field of Cybersecurity”. The reviews are:
1. Measurement of cyber security attitudes and behaviours, 2.…
Procurement Guidelines for Cybersecurity in Hospitals
As cybersecurity becomes more of a priority for hospitals, it is essential that it is integrated holistically in the different processes, components and stages influencing the healthcare ICT ecosystem. Procurement is a key process shaping the ICT…
Cybersecurity for SMEs - Challenges and Recommendations
In response to the COVID19 pandemic, ENISA analysed the ability of SMEs within the EU to cope with the cybersecurity challenges posed by the pandemic and determining good practices to address those challenges. This report provides cybersecurity…
Technical guideline for Incident Reporting
This document describes a framework for security incident reporting based on the requirements set by article 19 of the eIDAS regulation. It is being developed on a consensus basis between the experts of the working group formed by ENISA and it is…
Status of privacy and NIS course curricula in EU Member States
User Education is key in cyber security. Our work for this report follows up on previous efforts and suggested recommendations from 2014 and 2013. The first objective of this report is to identify gaps between available training courses,…