Search

In this report, we present a scalable framework to guide NCAs and AI stakeholders on the steps they need to follow to secure their AI systems, operations and processes by using existing knowledge and best practices and identifying missing elements.…

The first Annual Privacy Forum1 (APF’12) was held in Limassol, Cyprus from 10–11 October 2012. The Forum was co-organised by the European Network and Information Security Agency (ENISA)2 and the European Commission Directorate General for…

This report collects the results of a survey launched by ENISA (European Network and Information Security Agency). The main purpose of the survey has been to collect information about the electronic IDentity and Authentication Systems (eIDAS) used…

The purpose of this briefing is to give an introduction to the possibilities offered by quantum key distribution (QKD), as well as its limitations and the main issues of disagreement between experts in the field. ENISA Briefings are short…

The present document provides a series of recommendations for the priorities in the EU for R&D in the domain of ICT security made after analysis of a wide series of interviews with domain experts. The proposed research priorities have the aim to…

This report aims at providing policy makers with evidence to assess the effectiveness of the existing EU cybersecurity framework specifically through data on how Operators of Essential Services (OES) and Digital Service Providers (DSP) identified in…

This Threat Landscape and Good Practice Guide for Big Data provides an overview of the current state of security in the Big Data area. In particular, it identifies Big Data assets, analyses exposure of these assets to threats, lists threat agents,…

Cryptographic algorithms, when used in networks, are used within a cryptographic protocol. Even if the cryptographic primitives and schemes (discussed in the “Algorithms, key size and parameters” report of 2014, see link below) are deemed secure,…

The current project aims to provide a complete inventory of all available methods, tools, activities and information sources for proactive detection of network security incidents, which are used already or potentially could be used by incident…