• Annual Incident Analysis Report for the Trust Service Providers

    This report provides an analysis and evaluation of the incident reporting procedure in the EU under the Article 19 of the eIDAS Regulation (2014/910/EC). Considering the fact that only the second half of 2016 was applicable and moreover that this...

    Published on November 29, 2017
  • Annual Incident Reports 2016

    For the sixth year, ENISA publishes the annual report about significant outage incidents in the European electronic communications sector, which are reported to ENISA and the European Commission under Article 13a of the Framework Directive...

    Published on June 16, 2017
  • Article 19 Incident reporting

    The focus of this document is the implementation of incident reporting and it aims at supporting the su-pervisory bodies in being aligned with obligations set out in Article 19. The Article 19 incident reporting framework has been prepared in...

    Published on March 01, 2017
  • Incident notification for DSPs in the context of the NIS Directive

    This report provides preliminary guidelines on how incident notification provisions for Digital Service Providers could be effectively implemented across the EU. Based on valuable input from Member States and companies directly impacted by the...

    Published on February 27, 2017
  • Annual Incident Reports 2015

    For the fifth year, ENISA publishes the annual report about significant outage incidents in the European electronic communications sector, which are reported to ENISA and the European Commission (EC) under Article 13a of the Framework Directive...

    Published on October 05, 2016
  • Impact evaluation on the implementation of Article 13a incident reporting scheme within EU

    As several years have passed since the publication and implementation of the Framework Directive 2009/140 including Art. 13a, an impact evaluation of the new article was necessary. The evaluation has the purpose of assessing the changes in outcome...

    Published on March 18, 2016
  • Security incidents indicators - measuring the impact of incidents affecting electronic communications

    Measuring the impact of incidents has become one of the toughest challenges nowadays, given the multitude of factors/indicators that must be taken into consideration. To address this issue, indicators are used, accompanied by thresholds, to assess...

    Published on March 09, 2016
  • Analysis of security measures deployed by e-communication providers

    The aim of this document is to provide an overview of good practices as regards security measures that are deployed by electronic communication providers in Europe

    Published on February 09, 2016
  • Technical guideline for Incident Reporting

    This document describes a framework for security incident reporting based on the requirements set by article 19 of the eIDAS regulation. It is being developed on a consensus basis between the experts of the working group formed by ENISA and it is...

    Published on December 03, 2015
  • Technical Guideline on Threats and Assets

    The Technical Guideline on Threats and Assets provides National Regulatory Authorities (NRAs) with a glossary of terms to communicate about the most significant threats and network assets involved in disruptions in electronic communications networks...

    Published on September 14, 2015
  • Annual Incident Reports 2014

    The report “Annual Incident reports 2014” provides an aggregated analysis of the security incidents in the European telecom sector in 2014 which caused severe outages. Most incidents reported to regulators and ENISA (137 incidents) involved...

    Published on September 14, 2015
  • Guideline on Security measures for Article 4 and Article 13a

    The Technical Guideline on Security Measures for Article 4 and Article 13a gives guidance to national competent authorities about the supervision of security measures in Article 13a of the Framework Directive (2009/140/EC) and Article 4 of the...

    Published on April 09, 2015
  • Protection of Underground Electronic Communications Infrastructure

    This document aims to provide recommendations to Member States (MS) that wish to protect their underground electronic communications infrastructure against disruption due to civil works. This document shall help MS to assess their need to deploy an...

    Published on December 17, 2014
  • Security Guide for ICT Procurement

    The “Security Guide for ICT Procurement” aims to be a practical tool for electronic communications service providers to better manage security risks when dealing with vendors of ICT products and outsourced services. The Guide maps security risks...

    Published on December 11, 2014
  • Secure ICT Procurement in Electronic Communications

    The report, “Secure ICT Procurement in Electronic Communications”, focuses on the growing dependency of electronic communications service providers on ICT products and outsourced services, it analyses security risks associated with third party...

    Published on December 11, 2014
  • Technical Guideline on Minimum Security Measures

    In this document we give guidance to NRAs about the implementation of Article 13a and in particular about the security measures that providers of public communications networks must take to ensure security and integrity of these networks. It lists...

    Published on October 24, 2014
  • Technical Guideline on Incident Reporting

    This guideline gives guidance to NRAs about the implementation of Article 13a (of EU Directive 2009/140/EC) and, in particular, the two types of incident reporting mentioned in Article 13a: the annual summary reporting of significant incidents to...

    Published on October 24, 2014
  • Annual Incident Reports 2013

    The Annual Incidents report 2013 provides an aggregated analysis of the security incidents in 2013 which caused severe outages. Most incidents reported to regulators and ENISA involved mobile internet and mobile telephony connections.

    Published on September 16, 2014
  • Proposal for One Security Framework for Articles 4 and 13a

    There are two pieces of EU legislation which explicitly mention security measures in the telecom sector: Article 4 of the e-Privacy directive asks providers to take security measures to protect security of personal data processing. Article 13a of...

    Published on December 20, 2013
  • Power Supply Dependencies in the Electronic Communications Sector

    Electronic communications are the backbone of the EU’s digital society. Article 13a of the EU’s electronic communications Framework directive asks EU Member States to ensure the security and resilience of public electronic communications...

    Published on December 16, 2013
  • National Roaming for Resilience

    Mobile communications are an integral part of everyday life. In less than 30 years they have surpassed the traditional fixed line telephony. Every day millions of European citizens rely on mobile telephony for work, social life, but also to contact...

    Published on November 27, 2013
  • Schemes for auditing security measures

    Across society there are now critical services which rely on computers, networks and servers. Protecting the security of this information infrastructure is not easy. Often the information infrastructure is run by several organisations and uses...

    Published on October 03, 2013
  • Annual Incident Reports 2012

    This report provides an overview of the process and an aggregated analysis of the 79 incident reports of severe outages of electronic communication networks or services which were reported by national regulators during 2012.

    Published on August 20, 2013
  • Annual Incident Report 2011

    For the first time in the EU, in spring 2012, national reports about security incidents were provided to ENISA and the European Commission, under Article 13a of the Framework Directive (2009/140/EC). This is a new article in the EU legal framework...

    Published on October 11, 2012
  • Cyber Incident Reporting in the EU

    We summarize different security articles in EU legislation which mandate cyber incidents and cyber security measures. In a single diagram we give an overview of Article 13a and Article 4 of the Telecom package, Article 15 of the proposed eID/eSig...

    Published on August 27, 2012
  • Good Practice Guide on Incident Reporting

    Given strong commitment by the EU institutions and the Member States to the resilience of public communications networks, ENISA was asked to help Member States and EU institutions to identify good practices in incident reporting schemes. This...

    Published on December 10, 2009

We use cookies on our website to support technical features that enhance your user experience.
We also use analytics. To opt-out from analytics, click for more information.

I've read it More information