Search

By Topics

By Type

Published on
Cover page of an ENISA report titled 'Cybersecurity Roles and Skills for NIS2 Essential and Important Entities', featuring a person typing on a laptop with floating digital icons representing cybersecurity roles. The report is dated June 2025 and maps NIS2 obligations to the ECSF.

Cybersecurity roles and skills for NIS2 Essential and Important Entities

Publications

 ENISA in line with articles 6 and 10 of the Cybersecurity Act , prepared this guidance document on the skills and roles for the cybersecurity professionals needed to meet these legal requirements effectively. The guidance is based on the…

National / EU authorities, Private Sector
Visual promoting the 5th ENISA–ERA Conference on Cybersecurity in Railways, 1–2 December in Tallinn, Estonia, featuring a virtual train.

5th ENISA-ERA Conference on Cybersecurity in Railways

Events

Registration and call for papers are open for the 2025 edition of this conference, that will take place in Tallinn, Estonia, on 1-2 December 2025.

Private Sector

Cybersecurity Certification: Candidate EUCC Scheme

Publications

Following the request from the European Commission in accordance with Article 48.2 of the Cybersecurity Act, ENISA has set up an Ad Hoc Working Group to support the preparation of a candidate EU cybersecurity certification scheme as a successor to…
National / EU authorities, Private Sector

Railway Cybersecurity

Publications

This ENISA study regards the level of implementation of cybersecurity measures in the railway sector, within the context of the enforcement of the NIS Directive in each European Member State. It presents a thorough list of essential railway…
Private Sector

Market of Cybersecurity Assessments

Publications

This Report aims at presenting the current state of play of cybersecurity assessments of ICT products and cloud services. In order to study the dynamic of the related market, the report focuses on the evolution of the number of assessed ICT…
National / EU authorities

Cybersecurity Culture Guidelines: 'Technical Annex: Evidence Reviews'

Publications

This technical annex contains the four reviews that supported the writing of the report Review of “Behavioural Sciences Research in the Field of Cybersecurity”. The reviews are: 1. Measurement of cyber security attitudes and behaviours, 2.…
Private Sector

Port Cybersecurity - Good practices for cybersecurity in the maritime sector

Publications

Developed in collaboration with several EU ports, this report intends to provide a useful foundation on which CIOs and CISOs of entities involved in the port ecosystem, especially port authorities and terminal operators, can build their…
Private Sector

Cybersecurity Certification: Candidate EUCC Scheme V1.1.1

Publications

Following the request from the European Commission in accordance with Article 48.2 of the Cybersecurity Act, ENISA has set up an Ad Hoc Working Group to support the preparation of a candidate EU cybersecurity certification scheme as a successor to…
National / EU authorities, Private Sector

Good Practices for Supply Chain Cybersecurity

Publications

The report provides an overview of the current supply chain cybersecurity practices followed by essential and important entities in the EU, based on the results of a 2022 ENISA study which focused on investments of cybersecurity budgets among…

National / EU authorities, Private Sector

EU Cybersecurity Initiatives in the Finance Sector

Publications

The finance sector is a heavily regulated sector, and cybersecurity provisions are already included in multiple EU policies and legislations (e.g. PSD 2 , MIFID II ). EU institutions, agencies, bodies, regulators and other groups of stakeholders run…
Private Sector