The document focuses on high-level competences which will be required to perform conformity assessment activities, in particular the experience and training requirements for the personnel employed by a CAB wishing to be notified (CRA NB) –…
ENISA NIS360
This edition of the ENISA NIS360 report is the third to assess the cybersecurity maturity and criticality of all sectors of high criticality as identified under Annex I of the NIS2 directive. The assessment covers the entire ecosystem of a sector…
ENISA Technology and Innovation Radar Methodology
The purpose of this report is to present a comprehensive methodology for identifying and analysing technology signals relevant to the cybersecurity landscape. It outlines the key stages of the process and explains how these variables can be…
National Capabilities Assessment Framework 2.0
This report represents an updated version of ENISA's national capabilities assessment framework (NCAF). The framework aims to help Member States undertake a self-assessment of their level of maturity by assessing their National…
NIS360: The bigger picture on maturity and criticality of NIS critical sectors
This year’s edition of the ENISA NIS360 report shows improvement in cybersecurity maturity of EU critical sectors while the level of criticality in sectors remains comparatively more stable.
ENISA Cybersecurity Market Analysis Framework (ECSMAF) – V3.0
ENISA's Cybersecurity Market Analysis Framework (ECSMAF) is a guide on how to conduct market analysis, including recurrent market analysis and continuous market monitoring, in the field of cybersecurity. This new version (Version 3.0)…
11th eHealth Security Conference
The EU Agency for Cybersecurity (ENISA) is organising the 11th eHealth Security Conference, in collaboration with the Office of the Commissioner of Communications. The conference will be a full-day physical event, hosted by the ICT Academy, on…
ENISA Technical Advisory for Secure Use of Package Managers
This document focuses on how developers can securely use package managers as part of their software development life cycle. In particular, this document, outlines common risks involved in the use of third-party packages, presents secure practices…
The ENISA Cybersecurity Exercise Methodology
The methodology offers an end-to-end theoretical framework for planning, running and evaluating cybersecurity exercises. It ensures the right profiles and stakeholders are involved at the right time. It provides theoretical material based on…
ENISA International Strategy 2026
The ENISA International Strategy sets out how the Agency works with international partners to strengthen cybersecurity across the European Union.