Publications

Featured publications

2024 Report on the State of the Cybersecurity in the Union

Download

This document marks the first report on the state of cybersecurity in the Union, adopted by ENISA in cooperation with the NIS Cooperation Group and the European Commission, in accordance with Article 18 of the Directive (EU) 2022/2555 (…

ENISA Threat Landscape 2024

Download

Seven prime cybersecurity threats were identified in 2024, with threats against availability topping the chart and followed by ransomware and threats against data, and the report provides a relevant deep-dive on each one of them by analysing…

Best Practices for Cyber Crisis Management

Download

This study highlights the complexities behind the notion of cyber crisis and the degree of subjectivity it involves. The elevation of a large-scale cyber incident into a cyber crisis relies predominantly on a political decision, and depends…

All publications

By topics

By type

Publish Date

Strategies for incident response and cyber crisis cooperation

This document was prepared for the NIS Platform WG2 members introducing the main functions of CSIRTs from incident handling to crisis coordination – a high-level summary of the basics of incident response based on ENISA’s previous work on CSIRTs and…
National / EU authorities

The cost of incidents affecting CIIs

The aim of the study is to assess the economic impact of incidents that affect CIIs in EU, based on existing work done by different parties, and set the proper ground for the future work of ENISA in this area.
Private Sector

Common practices of EU-level crisis management and applicability to the cyber crises

Despite a number of initiatives within the European Network and Information Security community to establish frameworks and standard operating procedures, the EU-level response to cyber incidents, and in particular these which lead to crisis…
National / EU authorities

NIS Directive and national CSIRTs

This is an informative note on what provisions of the upcoming NIS Directive might mean for CSIRTs. It contains references to parts of the Directive, and some comments and proposals from our side. By no means we consider this document fix or final,…
National / EU authorities