• Digital Identity Standards

    This report gives an overview of the most important standards and standardisation organisations in this area. This information is useful for the novice, to find out what is available, but also for more experienced readers who might not be aware of...

    Published on July 03, 2023
  • 5G Cybersecurity Standards

    This report outlines the contribution of standardisation to the mitigation of technical risks, and therefore to trust and resilience, in the 5G ecosystem. This report focuses on standardisation from a technical and organisational perspective.

    Published on March 16, 2022
  • Risk Management Standards

    The purpose of this document is to provide a coherent overview of published standards that address aspects of risk management and subsequently describe methodologies and tools that can be used to conform with or implement these standards.

    Published on March 16, 2022
  • Methodology for Sectoral Cybersecurity Assessments

    The methodology for sectoral cybersecurity assessments described in this document (called SCSA Methodology) addresses objectives in the context of ICT security for sectoral multi-stakeholder systems and drafting sectoral cybersecurity certification...

    Published on September 13, 2021
  • Security in 5G Specifications - Controls in 3GPP

    The objective of this report is to help MS implement the technical measure TM02 from the EU toolbox on 5G security. The report is also intended to help national competent and regulatory authorities get a better picture of the standardisation...

    Published on February 24, 2021
  • Advancing Software Security in the EU

    This study discusses some key elements of software security and provides a concise overview of the most relevant existing approaches and standards while identifying shortcomings associated with the secure software development landscape, related to...

    Published on April 15, 2020
  • Standardisation in support of the Cybersecurity Certification

    The document presents the value of the cybersecurity standardisation efforts for certification, the roles and responsibilities of Standards Developing Organisations (SDOs) in this context, and discusses various ways how standardisation can support...

    Published on February 04, 2020
  • Guidance and gaps analysis for European standardisation

    This study aims to a) explore how the standards-developing world is responding to the fast-changing, demanding realm of privacy by mapping existing available standards and initiatives in the area and b) provide insights on the “state-of-the-art” of...

    Published on March 15, 2019
  • IoT Security Standards Gap Analysis

    This study analyses the gaps and provides guidelines for, in particular, the development or repositioning of standards, facilitating the adoption of standards and governance of EU standardisation in the area of NIS.

    Published on January 17, 2019
  • Improving recognition of ICT security standards

    This report is a continuation and an extension of previously carried out ENISA work on approaches to the NIS Directive by Member States, which have provided recommendations on standardisation and have outlined the use and management of CSIRTs.

    Published on February 01, 2018
  • Recommendations on European Data Protection Certification

    The objective of this report is to identify and analyse challenges and opportunities of data protection certification mechanisms, including seals and marks, as introduced by the GDPR, focusing also on existing initiatives and voluntary schemes.

    Published on November 27, 2017
  • Recommendations on aligning research programme with policy

    The scope of this report is to review existing analysis reports on EU funded Trust and Security Projects, summarize achievements that have significantly promoted specific pillars of NIS, identify and summarize specific outcomes that can promote and...

    Published on May 08, 2017
  • Gaps in NIS standardisation - Recommendations for improving NIS in EU standardisation policy

    This report recommends that the European Commission, with the support of the Member States, pursuant to the NIS Directive, adopt a standards based framework for the exchange of threat and defensive measure information that impacts the functioning of...

    Published on March 15, 2017
  • Challenges of security certification in emerging ICT environments

    This report aims to provide decision makers with a thorough description of the security certification status concerning the most impactful equipment in five different critical business sectors. Results of this study should help to improve and...

    Published on February 06, 2017
  • Analysis of standards related to Trust Service Providers - Mapping of requirements of eIDAS to existing standards

    This report analyses, on the one hand, the eIDAS requirements with regard to standards and, on the other, the currently available standards, and compares the results of both analyses. Such a mapping is oriented at the requirements specified in the...

    Published on July 01, 2016
  • Governance framework for European standardisation

    In response to the European Union’s Cybersecurity Strategy, the CSCG has published a White Paper with recommendations on digital security. The CSCG’s recommendations underline the importance of Cybersecurity standardisation to complete the European...

    Published on July 01, 2016
  • Definition of Cybersecurity - Gaps and overlaps in standardisation

    This document analyses the usage of this term by various stakeholders and reviews standardisation activities in the area of Cybersecurity, providing an overview of overlaps and gaps in available standards. It has been written by CSCG and ENISA...

    Published on July 01, 2016
  • Information security and privacy standards for SMEs

    The analysis conducted for this study, based on interviews with subject matter experts and a review of available studies, shows that, despite rising concerns about information security risks, the level of SMEs' information security and privacy...

    Published on June 17, 2016
  • Standardisation in the field of Electronic Identities and Trust Service Providers

    This paper explains why standards are important for cyber security, specifically in the area of electronic identification and trust services providers. A number of challenges associated with the definition and deployment of standards in the area of...

    Published on March 24, 2015