National Cybersecurity Strategies Guidelines & tools

To meet current and emerging cybersecurity threats, EU Member States need to constantly develop and adapt their cybersecurity strategies. National cybersecurity strategies (NCSS) are the main documents of nation states to set strategic principles, guidelines, and objectives and in some cases specific measures in order to mitigate risk associated with cybersecurity.

On 16 January 2023, the Directive (EU) 2022/2555 (known as NIS2) entered into force replacing Directive (EU) 2016/1148. ENISA considers that NIS2 improves the existing cyber security status across EU in different ways

The aim of the NIS2 is to further develop cybersecurity across the EU. ENISA is working with Member States to identify best EU-wide practices in their efforts to implement the Directive.

One of the main provisions of the NIS Directive requires EU Member States to develop and adopt a national cybersecurity strategy (NCSS).  ENISA assists Member States in the development or the update of a national cybersecurity strategy and of key performance indicators for the assessment of that strategy, in order to align it with the requirements and obligations laid down in this Directive ENISA is supporting the efforts of EU Member States since 2012 by providing guidelines on how to develop, implement and update NCSS, together with key performance indicators for the assessment of that strategy, by analysing existing strategies and outlining good practices.

ENISA’s work on NCSS includes:

Browse the Topics

This site uses cookies to offer you a better browsing experience.
Aside from essential cookies we also use tracking cookies for analytics.
Find out more on how we use cookies.

Accept all cookies Accept only essential cookies