Risk and threat assessment are the pillars of security risk management and as such, vital methods towards cyber-protection and cyber-risk mitigation. Work on risk and threat management has been central component of ENISA work for some years now. While risk management has been a priority of past ENISA activities, in recent years, advancements in cyber-threat landscaping has been the main course of work in this subject matter.
Both activities are important components in IT-Security Management and are subject to dynamic changes, following the pace of developments in cyber-space. Their role in upcoming European regulations and directives is quite obvious. ENISA will continue investing resources in this areas and try to disseminate acquired information and knowledge to stakeholder communities.