Publications

Featured publications

2024 Report on the State of the Cybersecurity in the Union

November 29, 2024 Download

This document marks the first report on the state of cybersecurity in the Union, adopted by ENISA in cooperation with the NIS Cooperation Group and the European Commission, in accordance with Article 18 of the Directive (EU) 2022/2555 (…

ENISA Threat Landscape 2024

September 17, 2024 Download

Seven prime cybersecurity threats were identified in 2024, with threats against availability topping the chart and followed by ransomware and threats against data, and the report provides a relevant deep-dive on each one of them by analysing…

Best Practices for Cyber Crisis Management

February 27, 2024 Download

This study highlights the complexities behind the notion of cyber crisis and the degree of subjectivity it involves. The elevation of a large-scale cyber incident into a cyber crisis relies predominantly on a political decision, and depends…

All publications

ENISA Foresight Cybersecurity Threats for 2030

29 March, 2023

This study aims to identify and collect information on future cybersecurity threats that could affect the Union’s infrastructure and services, and its ability to keep European society and citizens digitally secure.

ENISA Transport Threat Landscape

21 March, 2023

This report is the first analysis conducted by the European Union Agency for Cybersecurity (ENISA) of the cyber threat landscape of the transport sector in the EU. The report aims to bring new insights into the reality of the transport sector by…

Cybersecurity Education Initiatives in the EU Member States

20 December, 2022

Today, the internet is a tool used in many educational activities, which increases the amount of time children are exposed to cyberspace and its risks. Informing young users about the importance of maintaining personal privacy is not enough to keep…

Cyber Europe 2022: After Action Report

13 December, 2022

Findings from a PAN-EUROPEAN cyber crisis Exercise

Foreign Information Manipulation Interference (FIMI) and Cybersecurity - Threat Landscape

8 December, 2022

The EU Agency for Cybersecurity (ENISA) and the European External Action Service (EEAS) have joined forces to study and analyse the threat landscape concerning Foreign Information Manipulation and Interference (FIMI) and disinformation. A dedicated…

ENISA Threat Landscape 2022

3 November, 2022

This is the tenth edition of the ENISA Threat Landscape (ETL) report, an annual report on the status of the cybersecurity threat landscape. It identifies the top threats, major trends observed with respect to threats, threat actors and attack…

European Cybersecurity Skills Framework (ECSF) - User Manual

19 September, 2022

The ECSF User Manual provides a comprehensive overview of the ECSF’s main scope, framework principles and application opportunities. The primary purpose of the manual is to make the ECSF easily accessible by, understandable for, and usable by all…

European Cybersecurity Skills Framework Role Profiles

19 September, 2022

The ECSF role profiles document lists the 12 typical cybersecurity professional role profiles along with their identified titles, missions, tasks, skills, knowledge, competences. The main purpose of this framework is to create a common…

ENISA Threat Landscape for Ransomware Attacks

29 July, 2022

This report aims to bring new insights into the reality of ransomware incidents through mapping and studying ransomware incidents from May 2021 to June 2022. Based on the findings, ransomware has adapted and evolved, becoming more efficient and…

ENISA Threat Landscape Methodology

6 July, 2022

By establishing the ENISA Cybersecurity Threat Landscape (CTL) methodology, the Agency aims to set a baseline for the transparent and systematic delivery of horizontal, thematic, and sectorial cybersecurity threat landscapes. The following threat…