Publications

Featured publications

2024 Report on the State of the Cybersecurity in the Union

Download

This document marks the first report on the state of cybersecurity in the Union, adopted by ENISA in cooperation with the NIS Cooperation Group and the European Commission, in accordance with Article 18 of the Directive (EU) 2022/2555 (…

ENISA Threat Landscape 2024

Download

Seven prime cybersecurity threats were identified in 2024, with threats against availability topping the chart and followed by ransomware and threats against data, and the report provides a relevant deep-dive on each one of them by analysing…

Best Practices for Cyber Crisis Management

Download

This study highlights the complexities behind the notion of cyber crisis and the degree of subjectivity it involves. The elevation of a large-scale cyber incident into a cyber crisis relies predominantly on a political decision, and depends…

All publications

By topics

By type

Publish Date

Study on CSIRT landscape and IR capabilities in Europe 2025

The objective of this study is to help ENISA identify and draw conclusions about the recent and current evolution of CSIRTs and IR capabilities in Europe towards 2025. Building on the existing knowledge gathered in the European CSIRT inventory, this…
National / EU authorities

Cooperation between CSIRTs and Law Enforcement: interaction with the Judiciary

This report aims to support the cooperation between CSIRTs and Law Enforcement, as well as their interaction with the judiciary in their fight against cybercrime, by providing information on the legal, organisational, technical and cultural aspects…
National / EU authorities

Analysis of the European R&D priorities in cybersecurity

The present document provides a series of recommendations for the priorities in the EU for R&D in the domain of ICT security made after analysis of a wide series of interviews with domain experts. The proposed research priorities have the aim to…
National / EU authorities

Improving recognition of ICT security standards

This report is a continuation and an extension of previously carried out ENISA work on approaches to the NIS Directive by Member States, which have provided recommendations on standardisation and have outlined the use and management of CSIRTs.
National / EU authorities

Reference Incident Classification Taxonomy

This taxonomy resulted from collaboration initiatives such as the annual ENISA/EC3 Workshop which involved CSIRTs, LEAs, ENISA, and EC3. Other examples include the eCSIRT.net taxonomy2 which was developed in 2003, and the eCSIRT.net mkVI taxonomy3…
National / EU authoritiesPrivate Sector

Maturity Reference for CSIRTs – Executive Summary

The target audience for this study is primarily the middle management layer in the CSIRTs, responsible for increasing the team’s maturity. The study will help them to more easily and quickly implement real maturity improvement, following self-…
National / EU authoritiesPrivate Sector

Priorities for EU research

The objective of this current document is to provide an analysis of the research proposals of the ECSO SRIA document by briefly summarizing each research priority, and highlighting the areas where the priorities have to be aligned with the…
National / EU authorities

Tools and Methodologies to Support Cooperation between CSIRTs and Law Enforcement

This report aims to support the cooperation between CSIRTs - in particular national/governmental CSIRTs - and LEAs in their fight against cybercrime, by providing information on the framework and on the technical aspects of the cooperation,…
National / EU authorities

Improving Cooperation between CSIRTs and Law Enforcement: Legal and Organisational Aspects

This report aims to support the cooperation between CSIRTs - in particular national/governmental CSIRTs - and LEAs in their fight against cybercrime, by providing information on the legal and organisational aspects, identifying current shortcomings…
National / EU authorities

Recommendations on aligning research programme with policy

The scope of this report is to review existing analysis reports on EU funded Trust and Security Projects, summarize achievements that have significantly promoted specific pillars of NIS, identify and summarize specific outcomes that can promote and…
National / EU authorities