EU Cybersecurity Index

The EU CSI (EU Cybersecurity Index) is a tool to describe the cybersecurity posture of MS (Member States) and the EU.

Published under NIS Directive

Cybersecurity Act (Article 1(1), Article 3(1), Article 4(5), Recitals 6 and 15) notes that ENISA’s mandate and objectives are towards achieving a “high common level of cybersecurity across the Union” and supporting the European Union (EU) and Member States (MS) to “increase their cybersecurity capabilities”. An understanding of the current state of cybersecurity maturity across MS is essential for ENISA to reach these objectives. Continuous and consistent monitoring of the cybersecurity levels across the EU and its MS over time would encourage the reinforcement of their respective cybersecurity capabilities and improvement of the resilience of the overall EU cyber ecosystem.

The EU Cybersecurity Index (EU CSI) is a tool to describe the cybersecurity posture of MS and the EU, which:

  • Gives insights on the cybersecurity maturity and capabilities on individual countries and the EU.
  • Helps identifying opportunities for peer-learning and improvement.
  • Making the most of available data, information and knowledge on cybersecurity across the EU.
  • Enables to evaluate their progress towards higher levels of cybersecurity vis-à-vis index indicators.

EU CSI - Framework and methodological note

To find more, download the EU CSI - Framework and methodological note.

Public consultation

We invite all interested stakeholders to contribute their insights and feedback to help shape the further development of the EU-CSI framework and methodology. Please contact us at eucsi-feedback [at]


Browse the Topics

This site uses cookies to offer you a better browsing experience.
Aside from essential cookies we also use tracking cookies for analytics.
Find out more on how we use cookies.

Accept all cookies Accept only essential cookies