Publications

Featured publications

2024 Report on the State of the Cybersecurity in the Union

Download

This document marks the first report on the state of cybersecurity in the Union, adopted by ENISA in cooperation with the NIS Cooperation Group and the European Commission, in accordance with Article 18 of the Directive (EU) 2022/2555 (…

ENISA Threat Landscape 2024

Download

Seven prime cybersecurity threats were identified in 2024, with threats against availability topping the chart and followed by ransomware and threats against data, and the report provides a relevant deep-dive on each one of them by analysing…

Best Practices for Cyber Crisis Management

Download

This study highlights the complexities behind the notion of cyber crisis and the degree of subjectivity it involves. The elevation of a large-scale cyber incident into a cyber crisis relies predominantly on a political decision, and depends…

All publications

By topics

By type

Publish Date

Reference Incident Classification Taxonomy

This taxonomy resulted from collaboration initiatives such as the annual ENISA/EC3 Workshop which involved CSIRTs, LEAs, ENISA, and EC3. Other examples include the eCSIRT.net taxonomy2 which was developed in 2003, and the eCSIRT.net mkVI taxonomy3…
National / EU authoritiesPrivate Sector

Online Tracking and User Protection Mechanisms

ENISA decided to provide a study on online tracking and relevant user protection mechanisms, paying particular attention to user consent, privacy settings and the implementation of the Do-Not-Track (DNT) standard.
CitizensPrivate Sector

eIDAS: Overview on the implementation and uptake of Trust Services

In the context of the eIDAS Regulation, ENISA conducted a study to present an overview of the implementation and uptake of Trust Services defined in the eIDAS Regulation one year after adoption to the new regime, and analyse the new opportunities…
Private Sector

Maturity Reference for CSIRTs – Executive Summary

The target audience for this study is primarily the middle management layer in the CSIRTs, responsible for increasing the team’s maturity. The study will help them to more easily and quickly implement real maturity improvement, following self-…
National / EU authoritiesPrivate Sector
annual privacy forum 2017

Annual Privacy Forum 2017

ENISA's Annual Privacy Forum 2017 encouraged dialogue with panel discussions and provided room for exchange of ideas in between scientific sessions. The two-day conference was well attended by more than 100 participants in addition to more than 70…
National / EU authoritiesPrivate Sector

QWACs Plugin

Proof of concept browser plugin to support the two-step verification of qualified certificates for web-site authentication
Private Sector

Conformity assessment of Trust Service Providers - Technical guidelines on trust services

Through this document, ENISA is supporting both Trust Service Providers and Conformity Assessment Bodies in the audit activities by presenting the auditing framework. It aims at helping Trust Service Providers fulfil the requirements defined by the…
Private Sector

Guidelines on Initiation of Qualified Trust Services - Technical guidelines on trust services

This document is one deliverable out of a series whose objective is to propose guidelines aimed at facilitating the implementation of the provisions related to trust services of the eIDAS Regulation in the area of qualified trust services. It…
Private Sector

Security framework for Trust Service Providers - Technical guidelines on trust services

Article 19, which is the main focus of this document, of the eIDAS Regulation, states that Trust Service Providers have to demonstrate due diligence, in relation to the identification of risks and adoption of appropriate security practices, and…

Private Sector

Recommendations for QTSPs based on Standards - Technical guidelines on trust services

Following the publication of the eIDAS Regulation, a set of secondary and co-regulatory acts had to be published in order to provide technical guidance on how to implement the specific requirements of the eIDAS Regulation (in the TSP part of…

Private Sector