Publications

Featured publications

2024 Report on the State of the Cybersecurity in the Union

Download

This document marks the first report on the state of cybersecurity in the Union, adopted by ENISA in cooperation with the NIS Cooperation Group and the European Commission, in accordance with Article 18 of the Directive (EU) 2022/2555 (…

ENISA Threat Landscape 2024

Download

Seven prime cybersecurity threats were identified in 2024, with threats against availability topping the chart and followed by ransomware and threats against data, and the report provides a relevant deep-dive on each one of them by analysing…

Best Practices for Cyber Crisis Management

Download

This study highlights the complexities behind the notion of cyber crisis and the degree of subjectivity it involves. The elevation of a large-scale cyber incident into a cyber crisis relies predominantly on a political decision, and depends…

All publications

By topics

By type

Publish Date

EU Member States incident response development status report

Following the recent transposition of the NIS Directive1 (NISD) into European Member States (MS) legislation, this study aims to analyse the current operational Incident Response set-up within NISD sectors2 and identify the recent changes. The study…
National / EU authorities

Assessment of ETSI TS 119 403-3 related to eIDAS

This document assesses the eligibility of [ETSI TS 119 403-3], and the standards it builds upon, to be referenced in an implementing act adopted pursuant to Art.20(4) of the eIDAS Regulation. The findings suggest that if certain revisions take place…
Private Sector

Stock taking of security requirements set by different legal frameworks on OES and DSPs

In order to support organisations in their process of identifying appropriate security measures, based on the provisions of both NISD and GDPR, this report uses as basis the pre-existing ENISA guidance and presents a mapping of already identified…
Private Sector

AI an opportunity for the EU cyber crisis blueprint - Report

On the 3rd and 4th of June 2019, ENISA organized in Athens, Greece, a conference on Artificial Intelligence in the EU cyber crisis blueprint context under the title ‘ Artificial Intelligence-An opportunity for the EU cyber-crisis management’.…

National / EU authorities

Secure Group Communications for incident response and operational communities

With a number of cybersecurity incidents and an attack surface that increase every day, spanning from large infrastructures to the end users, there is the need to improve operational cooperation, preparedness and information exchange by promoting…
National / EU authorities

Trust Services Security Incidents 2018 - Annual report

The annual report on Trust Services Security Incidents 2018 gives an aggregated overview of security breaches, showing root causes, statistics and trends. It marks the third round of security incident reporting for the EU’s trust services sector.…
Private Sector

ENISA CSIRT maturity assessment model

This is the updated version of the "Challenges for National CSIRTs in Europe in 2016: Study on CSIRT Maturity" published by ENISA in 2017. The study takes all relevant information sources into account, with a special emphasis on the NIS Directive,…
National / EU authoritiesPrivate Sector

ENISA Maturity Evaluation Methodology for CSIRTs

This is the updated version of the "Study on CSIRT Maturity – Evaluation Process" published by ENISA in 2017. The new version (v.2) reflects values that are consistent with other documents and studies on CSIRT maturity.
National / EU authoritiesPrivate Sector

Towards a framework for policy development in cybersecurity - Security and privacy considerations in autonomous agents

One of the key aspects in autonomous systems is the data collected, mainly for supporting the demanding functionality in a qualitative and timely manner. The current study highlights a number of relevant security and privacy considerations, such as…
Private Sector

Study on CSIRT landscape and IR capabilities in Europe 2025

The objective of this study is to help ENISA identify and draw conclusions about the recent and current evolution of CSIRTs and IR capabilities in Europe towards 2025. Building on the existing knowledge gathered in the European CSIRT inventory, this…
National / EU authorities