This tool allows port operators to conduct cyber risk management with a four-phase approach which follows common principles of risk management. The approach is also compatible with the steps of the risk assessment methodology of the ISPS code. Port operators can navigate through this tool starting at any of the four phases, identify security measures based on their priorities and assess their maturity in the implementation of these measures.

How to secure your employees and business from cyberattacks. Cybersecurity doesn’t necessarily have to be costly for SMEs to implement and maintain. There are several measures that can be implemented, without the company having to invest a large amount.

Navigate through this tool and gain knowledge on cybersecurity requirements for procurement of services, products and infrastructure in Hospitals. Information can be directly used in the RfP of any related service or product.

This tool helps CSIRTs to self-assess their team’s maturity in terms of 44 parameters of the SIM3 model. SIM3 is also at the base of TI certification scheme under the TF-CSIRT and considered by FIRST for membership process. For several parameters, ENISA CSIRT maturity assessment model requires higher assessment level then it is required under the TI certification scheme. This is due to NIS Directive requirements that have been recently identified for EU MS designated CSIRTs.

This is a comprehensive toolkit for establishing and developing Information Sharing and Analysis Centres, or ISACs. It includes activities, documents and tools, everything you need to set up and run an ISAC. The toolkit is divided into 4 different phases corresponding to the development of the ISAC. Each phase contains different topics for developing the organisation in that particular phase.

The Cybersecurity Higher Education Database (CyberHEAD) is the largest validated cybersecurity higher education database in the EU and EFTA countries. It has been the main point of reference for all citizens looking to upskill their knowledge in the cybersecurity field. This database allows young talents to make informed decisions on the variety of possibilities offered by higher education in cybersecurity and helps universities attract high-quality students motivated in keeping Europe cyber-secure.

The assessment of risks is the first step towards the adoption of appropriate security measures for the protection of personal data. Within the next steps we present a simplified approach that can guide the SMEs through their specific data processing operation and help them evaluate the relevant security risks.

Interactive table of the NIS Cooperation Group Security Measures for OES

The Mapping of Security Measures for OES Tool provides the mapping of security measures for OESs to international standards used by operators in the business sectors (namely energy, transport, banking, financial market infrastructures, health, drinking water supply & distribution and digital infrastructures).

The Tool contributes to achieve a common and converged level of security in network and information systems (Article 3 of the NIS Directive) at EU level and it does not intends to replace existing standards, frameworks or good-practices in use by OESs.

The European CSIRT Inventory gives an overview of the actual situation concerning CSIRT teams in Europe. It provides a list of publicly listed incident response teams that can be visualised by the interactive mapping tool. This tool allows the reader to filter the displayed teams by (NIS Directive) CSIRTs Network membership, per-country, region, or type of CSIRT (e.g. national CSIRTs). ENISA’s CSIRT-relations team updates the Inventory twice a year (Q2, Q4).

The ENISA NCSS Interactive Map lists all the documents of National Cyber Security Strategies in the EU together with their strategic objectives and good examples of implementation. ENISA's goal is to create an info-hub with information provided by the Member States on their efforts to enhance national cybersecurity.

The ENISA - EU Cybersecurity Institutional Map is an attempt to depict the complex landscape of actors involved in cybersecurity at the EU level. This map aims to provide a clear picture of the responsibilities and roles of the different EU institutions, agencies and bodies in cybersecurity.

Mapping of National Laws, Competent Authorities, Supervision Authorities and Incident reporting Authorities for Payment Services Directive 2.

For more details please visit "Good practices on the implementation of regulatory technical standards".

A web tool which presents the mapping of indicators to the corresponding information security standards/frameworks (ISO, NIST, COBIT5) in an easy-to-use web-based format.

The Interdependencies tool contributes to the NIS Directive (Article 3) objective for a common and converged level of security in network and information systems at EU level and it does not intend to replace existing standards, frameworks or good practices in use by OESs.

The Mapping of Security Measures for Smartphone Guidelines (SMASHING - Smartphone Secure development Guidelines) Tool provides the mapping of security measures for developers of smartphone applications as a guide for developing secure mobile applications.

The NIS Directive is EU-wide cybersecurity legislation harmonizing national cybersecurity capabilities, cross-border collaboration and the supervision of critical sectors across the EU. 
Click on a sector to find out the national authority responsible in each EU country. Clicking the shield displays the national laws under this directive. Scroll down for more information.

In the EU telecom operators and trust service providers have to notify their national regulators about security incidents with significant impact. At the end of every year the competent authorities send summary reports about these incidents to ENISA and the Commission. ENISA aggregates, anonymizes and analyses this data, to provide information to experts working in the sectors above. On this webpage you can take some statistical samples yourself.

ENISA created this tool to help Member States evaluate their strategic priorities and objectives related to National Cyber Security Strategies.

Select your country's cyber security priorities and answer a few simple questions (with a YES or a NO) to reveive ideas and advice for improvement. The questionnaire is sectioned in 15 objectives and no data are being collected.

This tool intends to provide an aggregated view of the ENISA Good Practices for IoT and Smart Infrastructure that have been published the last years.

For further help on how to use the tool please consult this help guide.

by topics
by tags
by publishing date

We use cookies on our website to support technical features that enhance your user experience.
We also use analytics. To opt-out from analytics, click for more information.

I've read it More information