A simplified approach to Risk Management for SMEs
The aim of this document is to provide a simplified and comprehensive view of risk management/risk
assessment for use within small and medium sized enterprises (SMEs). To achieve this goal, the
present document has been structured in a modular way.…
Consumerization of IT: Final report on Risk Mitigation Strategies and Good Practices
This report presents security policies that can be deployed to mitigate risks that are related with the trend of Consumerization of IT (COIT) and Bring Your Own Device (BYOD). The aim of this document is to identify mitigation strategies, policies…
Recommendations for technical implementation of Art.4
In 2011 ENISA has set up an Expert Group composed of representatives of the EU institutions, Art.29 Working Party, national DPAs and industry. This group helped in the development of the specific technical recommendations for the implementation of…
NIS Investments Report 2020
Four years after the NIS Directive entered into force and two years after the transposition by Member States into their national laws, this report presents the findings of a survey of 251 organisations across five EU Member States (France, Germany,…
NIS Investments 2022
This report marks the third iteration of ENISA's NIS Investments report, which collects data on how Operators of Essential Services (OES) and Digital Service Providers (DSP) identified in the European Union’s directive on security of network and…
Standardisation in the field of Electronic Identities and Trust Service Providers
This paper explains why standards are important for cyber security, specifically in the area of electronic identification and trust services providers. A number of challenges associated with the definition and deployment of standards in the area of…
Trusted e-ID infrastructures and services in EU
ENISA has conducted a survey about the security mechanisms used by TSPs (Trust Service Providers) in Europe, and their interoperability, under the scope of the proposed new Regulation on electronic identification and trust services for electronic…
Cyber EUnnovate 2025
The Cyber EUnnovate 2025 aims to become a high-level industry event exploring the intersection of innovation, AI, and cybersecurity in the EU.
Cybersecurity Challenges in the Uptake of Artificial Intelligence in Autonomous Driving
This report, drafted jointly by ENISA and JRC, aims to provide insights on the cybersecurity challenges specifically connected to the uptake of AI techniques in autonomous vehicles. It describes the policy context at both the European and…
Guidance and gaps analysis for European standardisation
This study aims to a) explore how the standards-developing world is responding to the fast-changing, demanding realm of privacy by mapping existing available standards and initiatives in the area and b) provide insights on the “state-of-the-art” of…