Search

This report provides an overview of the legislative framework under eIDAS for electronic identification, presents the landscape of notified and pre-notified eID schemes and identifies key trends in the electronic identification field. Moreover, it…

Despite a number of initiatives within the European Network and Information Security community to establish frameworks and standard operating procedures, the EU-level response to cyber incidents, and in particular these which lead to crisis…

This leaflet, addresses the SIM-swapping attacks, how to recognise them and how to mitigate the risk connected to this fraud. In fact, subscriber Identity Module (SIM) swapping is a legitimate procedure performed by a customer to change their SIM…

This report aims to provide port operators with good practices for cyber risk assessment that they can adapt to whatever risk assessment methodology they follow. In order to achieve this, this report introduces a four-phase approach to cyber risk…

This report is based on a study and analysis of approaches to national-level risk assessment and threat modelling for cyber security which was conducted between April and October 2013. ENISA aims to provide an evidence-based methodology for…

The purpose of this roadmap is to further explore the cooperation across computer security incident response teams (CSIRTs) in particular with national and governmental - law enforcement (LE) and the Judiciary (prosecutors and judges). This roadmap…

This report aims at mapping and studying the supply chain attacks that were discovered from January 2020 to early July 2021. Based on the trends and patterns observed, supply chain attacks increased in number and sophistication in the year 2020 and…

The EU Agency for Cybersecurity (ENISA) and the European External Action Service (EEAS) have joined forces to study and analyse the threat landscape concerning Foreign Information Manipulation and Interference (FIMI) and disinformation. A dedicated…

Following the request from the European Commission in accordance with Article 48.2 of the Cybersecurity Act, ENISA has set up an Ad Hoc Working Group to support the preparation of a candidate EU cybersecurity certification scheme as a successor to…

The “Algorithms, key size and parameters” report of 2014 is a reference document providing a set of guidelines to decision makers, in particular specialists designing and implementing cryptographic solutions for personal data protection within…