Search

By Topics

By Type

Published on
Cover page of an ENISA report titled 'Cybersecurity Roles and Skills for NIS2 Essential and Important Entities', featuring a person typing on a laptop with floating digital icons representing cybersecurity roles. The report is dated June 2025 and maps NIS2 obligations to the ECSF.

Cybersecurity roles and skills for NIS2 Essential and Important Entities

Publications

 ENISA in line with articles 6 and 10 of the Cybersecurity Act , prepared this guidance document on the skills and roles for the cybersecurity professionals needed to meet these legal requirements effectively. The guidance is based on the…

National / EU authorities, Private Sector
Visual promoting the 5th ENISA–ERA Conference on Cybersecurity in Railways, 1–2 December in Tallinn, Estonia, featuring a virtual train.

5th ENISA-ERA Conference on Cybersecurity in Railways

Events

Registration and call for papers are open for the 2025 edition of this conference, that will take place in Tallinn, Estonia, on 1-2 December 2025.

Private Sector

Railway Cybersecurity

Publications

This ENISA study regards the level of implementation of cybersecurity measures in the railway sector, within the context of the enforcement of the NIS Directive in each European Member State. It presents a thorough list of essential railway…
Private Sector

Cybersecurity Culture Guidelines: 'Technical Annex: Evidence Reviews'

Publications

This technical annex contains the four reviews that supported the writing of the report Review of “Behavioural Sciences Research in the Field of Cybersecurity”. The reviews are: 1. Measurement of cyber security attitudes and behaviours, 2.…
Private Sector

Cybersecurity Certification Market Study

Publications

This study proposes a set of initial methodological steps to work towards a market analysis on cybersecurity certification of ICT products, ICT services and ICT processes. The performance of a market analysis on cybersecurity certification aims to…
National / EU authorities

Cloud Cybersecurity Market Analysis

Publications

The present European Union Agency for Cybersecurity (ENISA) report is an analysis of the cloud cybersecurity market, planned for in ENISA’s Work Programme 2022 ( ) under activity O.7.1., ‘Market analysis on the main trends in the cybersecurity…
National / EU authorities

Port Cybersecurity - Good practices for cybersecurity in the maritime sector

Publications

Developed in collaboration with several EU ports, this report intends to provide a useful foundation on which CIOs and CISOs of entities involved in the port ecosystem, especially port authorities and terminal operators, can build their…
Private Sector

Good Practices for Supply Chain Cybersecurity

Publications

The report provides an overview of the current supply chain cybersecurity practices followed by essential and important entities in the EU, based on the results of a 2022 ENISA study which focused on investments of cybersecurity budgets among…

National / EU authorities, Private Sector

EU Cybersecurity Initiatives in the Finance Sector

Publications

The finance sector is a heavily regulated sector, and cybersecurity provisions are already included in multiple EU policies and legislations (e.g. PSD 2 , MIFID II ). EU institutions, agencies, bodies, regulators and other groups of stakeholders run…
Private Sector
EU Managed Security Services Certification ad hoc working group call. Image with blue background depicting an illustrated woman working on analysis data in different screens.

EU Managed Security Services Certification to drive the cybersecurity market

News

Following the request of the European Commission for the development of a candidate certification scheme for Managed Security Services, the EU Agency for Cybersecurity (ENISA) launches a call for expression of interest to participate in the…

National / EU authorities, Private Sector