In a constantly changing cyber threats environment, EU Member States need to have flexible and dynamic cybersecurity strategies to meet new, global threats. A national cyber security strategy (NCSS) is a plan of actions designed to improve the security and resilience of national infrastructures and services. It is a high-level top-down approach to cyber security that establishes a range of national objectives and priorities that should be achieved in a specific timeframe. An increasing number of countries in Europe have a National Cyber Security Strategy (NCSS) as a key policy feature, helping them to tackle risks which have the potential to undermine the achievement of economic and social benefits from cyberspace.

Apart from tackling cyber security risks, a strategy builds on collaboration. Some of the most important settings to improve collaboration between stakehodlers is Information Sharing and the creation of Public-Private Partnerships.

NCSS Interactive Map

Visit our interactive map to see all the national cyber security strategies in Europe and the world.

ENISA's work on National Cyber Security Strategies

ENISA’s work in supporting these strategies has focused on the analysis of existing NCSS; on the development and implementation of NCSS; on outlining and raising awareness of good practice to provide guidance and practical tools to the Member States for evaluating their NCSS.

• Updated NCSS Good Practice Guide (New!)
• NCSS: An Implementation Guide
• National Cyber Security Strategies
• An Evaluation Framework for NCSS
• Incentives and barriers of the cyber insurance market in Europe
• Cyber Insurance: Recent Advances, Good Practices and Challenges (New!)

ENISA's work on Information Sharing

Infromation sharing between national stakeholders but even in cross country cases is one important aspect for cyber security. Knowledge on tackling cyber attacked, incident response, mitigation measures and preparatory controls can be shared between the relevant stakeholders. ENISA has invested on this objective and provides good practices and recommendations. 

ENISA's work on Public Private Partnerships

Cooperation in the form of PPPs has evolved in many Member States depending on the environment, culture and legal framework. The need for a European view is demonstrated by the European Public Private Partnership for Resilience (EP3R) that is engaging with National PPPs to address Critical Information Infrastructure Protection (CIIP) issues at European level. ENISA has worked towards this direction offering incentives and actual recommendations on how to setup and run a PPP.

Related Workshops :

• 1st workshop on National Cyber Security Strategies 
• 2nd workshop on NCSS
• 3rd workshop on NCSS, CIIP and SCADA