Publications

Featured publications

2024 Report on the State of the Cybersecurity in the Union

This document marks the first report on the state of cybersecurity in the Union, adopted by ENISA in cooperation with the NIS Cooperation Group and the European Commission, in accordance with Article 18 of the Directive (EU) 2022/2555 (…

ENISA Threat Landscape 2024

Seven prime cybersecurity threats were identified in 2024, with threats against availability topping the chart and followed by ransomware and threats against data, and the report provides a relevant deep-dive on each one of them by analysing…

Best Practices for Cyber Crisis Management

This study highlights the complexities behind the notion of cyber crisis and the degree of subjectivity it involves. The elevation of a large-scale cyber incident into a cyber crisis relies predominantly on a political decision, and depends…

All publications

Publish Date

Cyber Europe 2024 - After Action Report

The after action report provides an overview of the 2024 edition of the Cyber Europe exercise which was conducted in June and aimed at identifying gaps and increasing cybersecurity preparedeness and resilience. 

European Cybersecurity Month 2023 - Campaign report

European Cybersecurity Month (ECSM) 2023 took a different approach than in 2022. ENISA decided to take cybersecurity awareness to a different level, transforming the original ECSM campaign, which used to take place only during October, into a…

Cybersecurity Education Maturity Assessment

This ENISA study aims to develop a maturity assessment model to evaluate each MS's cybersecurity education level in primary and secondary schools and to provide a comprehensive overview of the EU. Additionally, ENISA seeks to collect and share…

Best Practices for Cyber Crisis Management

This study highlights the complexities behind the notion of cyber crisis and the degree of subjectivity it involves. The elevation of a large-scale cyber incident into a cyber crisis relies predominantly on a political decision, and depends…

Cybersecurity Support Action

The ENISA Cybersecurity Support Action provides ex-post and ex-ante services and assistance to Member States' NIS2 Directive entities.

European Cybersecurity Month 2022 Campaign Report

The campaign was coupled with the commemoration of the ECSM 10th anniversary in 2022 and focused on two of the most prominent threats: 1. Phishing: so that users may detect and react to the most common attack against individuals. 2. Ransomware: so…

Sustained Activity by Threat Actors- Joint Publication

ENISA, the EU Agency for Cybersecurity, and CERT-EU, the Computer Emergency Response Team of all the EU institutions, bodies and agencies (EUIBAs), have issued a joint publication to alert on sustained activity by particular threat actors. Malicious…

Cybersecurity Education Initiatives in the EU Member States

Today, the internet is a tool used in many educational activities, which increases the amount of time children are exposed to cyberspace and its risks. Informing young users about the importance of maintaining personal privacy is not enough to keep…

Cyber Europe 2022: After Action Report

Findings from a PAN-EUROPEAN cyber crisis Exercise

European Cybersecurity Skills Framework (ECSF) - User Manual

The ECSF User Manual provides a comprehensive overview of the ECSF’s main scope, framework principles and application opportunities. The primary purpose of the manual is to make the ECSF easily accessible by, understandable for, and usable by all…