ENISA in line with articles 6 and 10 of the Cybersecurity Act , prepared this guidance document on the skills and roles for the cybersecurity professionals needed to meet these legal requirements effectively. The guidance is based on the…
5th ENISA-ERA Conference on Cybersecurity in Railways
Registration and call for papers are open for the 2025 edition of this conference, that will take place in Tallinn, Estonia, on 1-2 December 2025.
Railway Cybersecurity
This ENISA study regards the level of implementation of cybersecurity measures in the railway sector, within the context of the enforcement of the NIS Directive in each European Member State. It presents a thorough list of essential railway…
Cybersecurity Culture Guidelines: 'Technical Annex: Evidence Reviews'
This technical annex contains the four reviews that supported the writing of the report Review of “Behavioural Sciences Research in the Field of Cybersecurity”. The reviews are:
1. Measurement of cyber security attitudes and behaviours, 2.…
Port Cybersecurity - Good practices for cybersecurity in the maritime sector
Developed in collaboration with several EU ports, this report intends to provide a useful foundation on which CIOs and CISOs of entities involved in the port ecosystem, especially port authorities and terminal operators, can build their…
Good Practices for Supply Chain Cybersecurity
The report provides an overview of the current supply chain cybersecurity practices followed by essential and important entities in the EU, based on the results of a 2022 ENISA study which focused on investments of cybersecurity budgets among…
EU Cybersecurity Initiatives in the Finance Sector
The finance sector is a heavily regulated sector, and cybersecurity provisions are already included in multiple EU policies and legislations (e.g. PSD 2 , MIFID II ). EU institutions, agencies, bodies, regulators and other groups of stakeholders run…
Procurement Guidelines for Cybersecurity in Hospitals
As cybersecurity becomes more of a priority for hospitals, it is essential that it is integrated holistically in the different processes, components and stages influencing the healthcare ICT ecosystem. Procurement is a key process shaping the ICT…
Good practices in innovation on Cybersecurity under the NCSS
ENISA supports the efforts aimed to enhance the overall level of cybersecurity in the Member States (MS) both at a national and EU level. This report supports that effort by analysing how Member States are approaching innovation as a strategic…
A Governance Framework for National Cybersecurity Strategies
This study focuses on the good practices around the set-up and deployment of a governance framework to support the implementation of the NCSS in the EU. The main aim of this statistical outline is to give an overview of the key findings of the…