Publications

Featured publications

2024 Report on the State of the Cybersecurity in the Union

Download

This document marks the first report on the state of cybersecurity in the Union, adopted by ENISA in cooperation with the NIS Cooperation Group and the European Commission, in accordance with Article 18 of the Directive (EU) 2022/2555 (…

ENISA Threat Landscape 2024

Download

Seven prime cybersecurity threats were identified in 2024, with threats against availability topping the chart and followed by ransomware and threats against data, and the report provides a relevant deep-dive on each one of them by analysing…

Best Practices for Cyber Crisis Management

Download

This study highlights the complexities behind the notion of cyber crisis and the degree of subjectivity it involves. The elevation of a large-scale cyber incident into a cyber crisis relies predominantly on a political decision, and depends…

All publications

By topics

By type

Publish Date

Guideline on Security Measures under the EECC

This document, the Technical Guideline for Security Measures, provides guidance to competent authorities about the technical details of implementing Articles 40 and 41 of the EECC: how to ensure that providers assess risks and take appropriate…
National / EU authorities

Technical Guideline on Incident Reporting under the EECC

This document describes the formats and procedures for cross border reporting and annual summary reporting under Article 40 of the EECC. Paragraph 2 of Article 40 describes three types of incident reporting: 1) National incident reporting from…
National / EU authorities
security in 5g specifications

Security in 5G Specifications - Controls in 3GPP

The objective of this report is to help MS implementing the technical measure TM02 from the EU toolbox on 5G security. The report is also intended to help national competent and regulatory authorities get a better picture of the standardisation…
National / EU authorities

NIS Investments Report 2020

Four years after the NIS Directive entered into force and two years after the transposition by Member States into their national laws, this report presents the findings of a survey of 251 organisations across five EU Member States (France, Germany,…
National / EU authorities

Sectoral CSIRT Capabilities - Energy and Air Transport

This study provides a continuation of work on Sectoral IRC at European level following the publication of the 2019 “EU Member States incident response development status report”. The report focuses on trends in Energy and Air Transport Incident…
National / EU authoritiesPrivate Sector

National Capabilities Assessment Framework

This report presents the work performed by ENISA to build a National Capabilities Assessment Framework (NCAF). The framework aims at providing Member States with a self-assessment of their level of maturity by assessing their NCSS objectives,…

National / EU authorities
telecom annual incident reporting 2019

Telecom Services Security Incidents 2019 Annual Analysis Report

Security incident reporting has been part of the EU’s telecom regulatory framework since the 2009 reform of the telecom package, Article 13a of the Framework directive (2009/140/EC) came into force in 2011. The incident reporting in Article 13a…
National / EU authorities
trust services security incidents 2019 annual analysis report

Trust Services Security Incidents 2019 Annual Analysis Report

This report gives an aggregated overview of Trust Services Security Incidents in 2019, showing root causes, statistics and trends. It marks the fourth round of security incident reporting for the EU’s trust services sector. The annual summary…
National / EU authorities

Security Supervision under the EECC

With this report ENISA aims to support EU countries with their transposition, by analysing the main changes to the security requirements and the security supervision under the new rules. The principles of security supervision under the new rules (…
National / EU authorities

Good practices in innovation on Cybersecurity under the NCSS

ENISA supports the efforts aimed to enhance the overall level of cybersecurity in the Member States (MS) both at a national and EU level. This report supports that effort by analysing how Member States are approaching innovation as a strategic…
National / EU authorities