-
Low Earth Orbit (LEO) SATCOM Cybersecurity Assessment
This report explores the cybersecurity of Low Earth Orbit (LEO) constellations providing telecommunications services (LEO satcom). Examining various threats and risks-technical, financial, or commercial the landscape of potential attacks is vast. It...
Published on February 15, 2024 -
Undersea cables
This report aims to follow up with detailed technical guidelines for national authorities and to support them with the technical aspects of the supervision of undersea cables and their associated infrastructure, including landing stations and cable...
Published on August 31, 2023 -
DNS Identity
This report provides a view of authentication and verification of domain name owners in the context of domain name registration. It identifies the security challenges, good practices, security controls and associated risks in the domain name...
Published on May 24, 2023 -
5G Security Controls Matrix
The ENISA 5G Security controls matrix is a comprehensive and dynamic matrix of security controls and best practices for 5G networks, to support the national authorities in the EU Member States with implementing the technical measures of the EU’s 5G...
Published on May 24, 2023 -
Fog and Edge Computing in 5G
This report focuses on the fundamentals of fog and edge, an overview of their security aspects, the open challenges that these sectors face, the related standardisation efforts, the existing opportunities in this field, and different application...
Published on March 09, 2023 -
5G Cybersecurity Standards
This report outlines the contribution of standardisation to the mitigation of technical risks, and therefore to trust and resilience, in the 5G ecosystem. This report focuses on standardisation from a technical and organisational perspective.
Published on March 16, 2022 -
NFV Security in 5G - Challenges and Best Practices
In this report explores relevant challenges, vulnerabilities and attacks to the Network Function Virtualization (NFV) within the 5G network. NFV changes the network security environment due to resource pools based on cloud computing and open network...
Published on February 24, 2022 -
Countering SIM-Swapping
In this study, we give an overview of how SIM-Swapping attacks work, list measures that providers can take to mitigate the attack and make recommendations for policy makers and authorities in the telecom sector and other sectors. Security of...
Published on December 06, 2021 -
How to Avoid SIM-Swapping - Leaflet
This leaflet, addresses the SIM-swapping attacks, how to recognise them and how to mitigate the risk connected to this fraud. In fact, subscriber Identity Module (SIM) swapping is a legitimate procedure performed by a customer to change their SIM...
Published on December 06, 2021 -
Assessment of EU Telecom Security Legislation
European Union telecom security legislation has been changing over the last few years. In light of these policy changes, ENISA carried out an assessment of the implementation of EU telecom security policy, to inform policy makers in the Commission...
Published on July 13, 2021 -
Guideline on Security Measures under the EECC
This document, the Technical Guideline for Security Measures, provides guidance to competent authorities about the technical details of implementing Articles 40 and 41 of the EECC: how to ensure that providers assess risks and take appropriate...
Published on July 07, 2021 -
5G Supplement - to the Guideline on Security Measures under the EECC
This document contains a 5G technology profile which supplements the technology-neutral Guideline on Security Measures under the EECC. The document gives additional guidance to competent national authorities about how to ensure implementation and...
Published on July 07, 2021 -
Technical Guideline on Incident Reporting under the EECC
This document describes the formats and procedures for cross border reporting and annual summary reporting under Article 40 of the EECC. Paragraph 2 of Article 40 describes three types of incident reporting: 1) National incident reporting from...
Published on March 22, 2021 -
Security in 5G Specifications - Controls in 3GPP
The objective of this report is to help MS implementing the technical measure TM02 from the EU toolbox on 5G security. The report is also intended to help national competent and regulatory authorities get a better picture of the standardisation...
Published on February 24, 2021 -
ENISA Threat Landscape for 5G Networks Report
This report is an update of the ENISA 5G Threat Landscape, published in its first edition in 2019. This document is a major update of the previous edition. It encompasses all novelties introduced, it captures developments in the 5G architecture and...
Published on December 14, 2020 -
Power Sector Dependency on Time Service: attacks against time sensitive services
This publication describes the threats against energy providers’ services which depend on the availability of precise timing and communication networks. It provides a typical architecture which supports the time measurement service. Then it...
Published on May 12, 2020 -
Encrypted Traffic Analysis
This report explores the current state of affairs in Encrypted Traffic Analysis and in particular discusses research and methods in 6 key use cases; viz. application identification, network analytics, user information identification, detection of...
Published on April 23, 2020 -
Security Supervision under the EECC
With this report ENISA aims to support EU countries with their transposition, by analysing the main changes to the security requirements and the security supervision under the new rules. The principles of security supervision under the new rules...
Published on January 10, 2020 -
ENISA threat landscape for 5G Networks
This report draws an initial threat landscape and presents an overview of the challenges in the security of 5G networks. Its added value lays with the creation of a comprehensive 5G architecture, the identification of important assets (asset...
Published on November 21, 2019 -
Signalling Security in Telecom SS7/Diameter/5G
The present study has deep dived into a critical area within electronic communications, the security of interconnections in electronic communications (signalling security). Based on the analysis, at this moment there is a medium to high level of...
Published on March 28, 2018 -
Technical Guidelines for the implementation of minimum security measures for Digital Service Providers
ENISA has issued this report to assist Member States and DSPs in providing a common approach regarding the security measures for DSPs. This particular initiative has been achieved by examining current information and network security practices for...
Published on February 16, 2017 -
Securing Smart Airports
In response to the new emerging threats faced by smart airports, this report provides a guide for airport decision makers (CISOs, CIOs, IT Directors and Head of Operations) and airport information security professionals, but also relevant national...
Published on December 16, 2016 -
The cost of incidents affecting CIIs
The aim of the study is to assess the economic impact of incidents that affect CIIs in EU, based on existing work done by different parties, and set the proper ground for the future work of ENISA in this area.
Published on August 05, 2016 -
Threat Landscape and Good Practice Guide for Software Defined Networks/5G
This study reviews threats and potential compromises related to the security of SDN/5G networks. More specifically, this report has identified related network assets and the security threats, challenges and risks arising for these assets. Driven by...
Published on January 27, 2016 -
Stocktaking, Analysis and Recommendations on the protection of CIIs
This study takes stock of and analyses the different approaches the EU Member States take to protect their critical information infrastructures by presenting key findings, the different CIIP governance structures and by emphasizing on good...
Published on January 21, 2016 -
Methodologies for the identification of Critical Information Infrastructure assets and services
This study aims to tackle the problem of identification of Critical Information Infrastructures in communication networks. The goal is to provide an overview of the current state of play in Europe and depict possible improvements in order to be...
Published on February 23, 2015 -
Mutual Aid for Resilient Infrastructure in Europe (M.A.R.I.E.) - Phase II: Recommendations Report
This report presents 5 main recommendations which will –if implemented- improve emergency preparedness for ICT Stakeholders. The results of the preliminary study performed in 2011 showed that the preparedness for Black Swan events (low probability ...
Published on December 16, 2013 -
Emergency Communications Stocktaking
The Emergency Communications Stocktaking project is an initiative of the European Network and Information Security Agency (ENISA) to determine how emergency services communicate within their own organisations and with each other in times of...
Published on December 19, 2012 -
Ontology and taxonomies of resilience
Existing standards in the field have so far only addressed resilience indirectly and thus without detailed definition of the taxonomy and thus of the semantics of security. The primary purpose of an ontology and taxonomies defined in this context is...
Published on December 21, 2011 -
Mutual Aid Agreements
This Mutual Aid for Resilient Infrastructure in Europe (MARIE) Phase 1 Report presents twelve Key Observations about MAAs and in so doing lays the foundation for a number of recommendations, which are planned for the MARIE Phase 2 Report (in 2012). ...
Published on December 19, 2011
Browse the Topics