The European Union Agency for Cybersecurity (ENISA) under the framework of its 9th National Cybersecurity Strategies (NCSS) workshop, issued a report on cybersecurity awareness, with the aim to assist EU Member States in fostering their cybersecurity capacities on citizens.
An ever-rising number of cyberattacks each year is a de facto, which in combination with the lack of appropriate guidelines and trainings highlights the urgent need for cybersecurity awareness. At the same time, communication about cybersecurity issues and awareness raising is not a straightforward endeavour. EU Member States need to take concrete actions towards this objective, which is more likely to be successful when the corresponding vision is incorporated in their national cybersecurity strategy.
In this context, ENISA organised today the 9th National Cybersecurity Strategies (NCSS) Workshop, an annual event dedicated on developments and good practices followed by EU Member States towards raising cybersecurity awareness.
The report “Raising awareness as a key element of National Cybersecurity Strategies” was the main deliverable, presented by ENISA experts during the workshop.
The National Capabilities Assessment Framework (NCAF) tool was also announced and the development of a European Information Hub framework was addressed.
Objective of the Raising Awareness of Cybersecurity report
The ultimate aim of the report is to assist EU Member States in their efforts to further build their cybersecurity capacities by analysing best practices towards raising citizens’ awareness on cybersecurity. An overview and an analysis of EU Member States’ national awareness activities and plans, is thoroughly presented.
In doing so the report deep-dives into the methodologies and approaches followed by Member States that includes inter alias planning, awareness raising activities, performance indicators and impact made. For that effort, twenty structured interviews were conducted with the relevant national authorities, during the reference period from May to July 2021.
Through the identification of good practices, challenges and lessons learnt, the report also proposes recommendations on how to increase the effectiveness of national awareness raising activities.
Recommendations in a nutshell
To increase the effectiveness of national awareness raising activities, recommendations are concentrated in the following four axes:
- Building capacities for cybersecurity awareness through National Cybersecurity Strategies (NCSS) to facilitate stakeholders towards understanding the scope and the necessity of cybersecurity awareness raising, as well as to whom it applies and what its main objectives are.
- Regular assessments of cybersecurity trends and challenges by conducting analyses and reports of the threat environment. As an important step towards higher degree of awareness, since the wider public is the end-recipient.
- Measuring cybersecurity behaviour that provides for quantitative measurement of cybersecurity, by taking into account thinking and behavioural patterns of EU citizens on cybersecurity.
- Planning for cybersecurity awareness campaigns by enabling appropriate messaging in a professional manner.
Target audience
- Experts from National Authorities responsible for the designing and the implementation of cybersecurity awareness raising campaigns, as well as responsible for National Cybersecurity Strategies.
- European Institutions interested in cybersecurity awareness and skills..
- Business and the industry sector.
- Researchers and the academic community.
Other ENISA activities on National Cybersecurity Strategies (NCSS)
ENISA engages in a number of actions to support EU national authorities to enhance their capabilities in relation to the implementation and assessment of their National Cybersecurity Strategies.
Actions include:
- The introduction of the National Capabilities Assessment Framework (NCAF tool)
ENISA in December 2020 issued the National Capabilities Assessment Framework (NCAF) report that provides to Member States a methodology to conduct an evaluation of their cybersecurity capabilities and to measure their maturity at national level by assessing their National Cybersecurity Strategies (NCSS) objectives. In continuation to the NCAF report, ENISA in the coming days will release the National Capabilities Assessment Framework Tool (NCAF Tool).
- Why the National Capabilities Assessment Framework (NCAF) tool is important?
The NCAF tool provides Member States with the necessary means needed to support the assessment of their cybersecurity capabilities, in relation to the goals and objectives of their National Cybersecurity Strategies. Using the ENISA’s NCAF tool, policymakers, experts and government officials responsible for or involved in the designing, implementation and evaluation of the National Cybersecurity Strategies (NCSS), can ease and speed up this process by saving time and resources.
By performing such an assessment, Member States can enhance their awareness on cybersecurity maturity, identify areas for improvement and further develop cybersecurity capabilities at a national level.
- The development of a European Information Hub framework
The NCSS workshop provided a good opportunity to also present a conceptual framework for the development of a European Information Hub. The European Information Hub is envisioned to be developed and serve as a one-stop-shop for cybersecurity information, directly accessible by the public. Via such a dedicated portal, ENISA aims to further contribute to Europe’s cyber resilience through the provision of relevant information and knowledge to interested stakeholders across the European Union, in a timely and user-friendly manner.
The information hub can also serve as an awareness-raising tool by supporting European citizens, businesses and public sector officials in promoting and accessing relevant information on cybersecurity.
Further Information
ENISA's report on Raising Awareness of Cybersecurity
ENISA’s National Capabilities Assessment Framework report
ENISA’s work on National Cybersecurity Strategies
Contact
For questions related to the press and interviews, please contact press(at)enisa.europa.eu