Critical Cloud Computing-A CIIP perspective on cloud computing services
In this report we look at cloud computing from a Critical Information Infrastructure Protection (CIIP) perspective and we look at a number of scenarios and threats relevant from a CIIP perspective, based on a survey of public sources on uptake of…
Gaps in NIS standardisation - Recommendations for improving NIS in EU standardisation policy
This report recommends that the European Commission, with the support of the Member States, pursuant to the NIS Directive, adopt a standards based framework for the exchange of threat and defensive measure information that impacts the functioning of…
Good Practices for Security of Internet of Things in the context of Smart Manufacturing
This ENISA study aims at addressing the security and privacy challenges related to the evolution of industrial systems and services precipitated by the introduction of IoT innovations. The main objectives were to collect good practices to ensure…
Communication network interdependencies in smart grids
This study focuses on the evaluation of the interdependencies and communications between all the assets that make up the new power grids, their architectures and connections in order to determine their importance, threats, risks, mitigation factors…
Consumerization of IT: Top Risks and Opportunities
This report is an ENISA deliverable in the area of “Identifying & Responding to the Evolving Threat Environment”. It delivers the results of a risk and opportunity assessment in the area of “Consumerization of IT” (COIT), that is, the recent…
Proactive detection of security incidents II - Honeypots
An increasing number of complex attacks demand improved early warning detection capabilities for CERTs. By having threat intelligence collected without any impact on production infrastructure, CERTs can better defend their constituencies assets.…
Remote Identity Proofing - Attacks & Countermeasures
Remote identity proofing is a crucial element in creating trust for digital services. The present study analyses the collection and validation of evidence provided by the applicant to complete the verification of his or her identity. More…
Reporting on Threathunt 2030: Navigating the future of the cybersecurity threat landscape
The European Union Agency for Cybersecurity (ENISA) organised the 2024 edition of the ‘Threathunt 2030’ in Athens, the flagship conference on cybersecurity threats foresight.
European Cyber Security Month - Deployment report
ECSM is an EU advocacy campaign that promotes cyber security among citizens and advocates for change in the perception of cyber-threats by promoting data and information security, education, sharing of good practices and competitions.
The objective…
From Cyber to Outer Space: A Guide to Securing Commercial Satellite Operations
The European Union Agency for Cybersecurity (ENISA) explores the cybersecurity threat landscape of space to strengthen the resilience of commercial satellites.