• NIS Investments Report 2023

    This report aims at providing policy makers with evidence to assess the effectiveness of the existing EU cybersecurity framework specifically through data on how Operators of Essential Services (OES) and Digital Service Providers (DSP) identified in...

    Published on November 16, 2023
  • Security and Privacy for public DNS Resolvers

    Domain Name System (DNS) resolution is a hierarchical distributed system of protocols and systems, whose main purpose is to map the human friendly domain names, such as www.example.com, to machine readable IP addresses, such as DNS...

    Published on February 10, 2022
  • NIS Investments Report 2021

    Following the 2020 NIS Investment publication, this report covers all 27 EU Member States and offering additional insights into the allocation of NIS budgets of OES/DSP, the economic impact of cybersecurity incidents and the organisation of...

    Published on November 17, 2021
  • Guideline on Security Measures under the EECC

    This document, the Technical Guideline for Security Measures, provides guidance to competent authorities about the technical details of implementing Articles 40 and 41 of the EECC: how to ensure that providers assess risks and take appropriate...

    Published on July 07, 2021
  • 5G Supplement - to the Guideline on Security Measures under the EECC

    This document contains a 5G technology profile which supplements the technology-neutral Guideline on Security Measures under the EECC. The document gives additional guidance to competent national authorities about how to ensure implementation and...

    Published on July 07, 2021
  • NIS Investments Report 2020

    Four years after the NIS Directive entered into force and two years after the transposition by Member States into their national laws, this report presents the findings of a survey of 251 organisations across five EU Member States (France, Germany...

    Published on December 11, 2020
  • Power Sector Dependency on Time Service: attacks against time sensitive services

    This publication describes the threats against energy providers’ services which depend on the availability of precise timing and communication networks. It provides a typical architecture which supports the time measurement service. Then it...

    Published on May 12, 2020
  • Challenges and opportunities for EU cybersecurity start-ups

    Based on extensive analysis of the identified challenges and opportunities, as well as on feedback collected from a panel of experts, this report proposes a set of recommendations to start-ups and SMEs active in the NIS market.

    Published on May 15, 2019
  • Good practices on the implementation of regulatory technical standards

    MS approaches on PSD 2 implementation: commonalities in risk management and incident reporting - The main objective of this study is to identify the differences introduced by Member States in the implementation of the PSD2. In particular, the aim is...

    Published on January 24, 2019
  • Good practices on interdependencies between OES and DSPs

    This study is concerned with dependencies and interdependencies among Operators of Essential Services (OES) and Digital Service Providers (DSPs) as defined in the NIS Directive and addresses emerging dependencies and interdependencies across...

    Published on November 30, 2018
  • Guidelines on assessing DSP security and OES compliance with the NISD security requirements

    This report presents the steps of an information security audit process for the OES compliance, as well as of a self-assessment/ management framework for the DSP security against the security requirements set by the NIS Directive. In addition, it...

    Published on November 28, 2018
Browse the Topics

This site uses cookies to offer you a better browsing experience.
Aside from essential cookies we also use tracking cookies for analytics.
Find out more on how we use cookies.

Accept all cookies Accept only essential cookies