Publications

Featured publications

2024 Report on the State of the Cybersecurity in the Union

Download

This document marks the first report on the state of cybersecurity in the Union, adopted by ENISA in cooperation with the NIS Cooperation Group and the European Commission, in accordance with Article 18 of the Directive (EU) 2022/2555 (…

ENISA Threat Landscape 2024

Download

Seven prime cybersecurity threats were identified in 2024, with threats against availability topping the chart and followed by ransomware and threats against data, and the report provides a relevant deep-dive on each one of them by analysing…

Best Practices for Cyber Crisis Management

Download

This study highlights the complexities behind the notion of cyber crisis and the degree of subjectivity it involves. The elevation of a large-scale cyber incident into a cyber crisis relies predominantly on a political decision, and depends…

All publications

By topics

By type

Publish Date
enisa foresight cybersecurity threats for 2030

ENISA Foresight Cybersecurity Threats for 2030

This study aims to identify and collect information on future cybersecurity threats that could affect the Union’s infrastructure and services, and its ability to keep European society and citizens digitally secure.
National / EU authoritiesPrivate Sector
enisa transport threat landscape.

ENISA Transport Threat Landscape

This report is the first analysis conducted by the European Union Agency for Cybersecurity (ENISA) of the cyber threat landscape of the transport sector in the EU. The report aims to bring new insights into the reality of the transport sector by…
National / EU authoritiesPrivate Sector
foreign information manipulation interference fimi and cybersecurity threat landscape

Foreign Information Manipulation Interference (FIMI) and Cybersecurity - Threat Landscape

The EU Agency for Cybersecurity (ENISA) and the European External Action Service (EEAS) have joined forces to study and analyse the threat landscape concerning Foreign Information Manipulation and Interference (FIMI) and disinformation. A dedicated…
National / EU authoritiesPrivate Sector
enisa threat landscape 2022

ENISA Threat Landscape 2022

This is the tenth edition of the ENISA Threat Landscape (ETL) report, an annual report on the status of the cybersecurity threat landscape. It identifies the top threats, major trends observed with respect to threats, threat actors and attack…
National / EU authoritiesPrivate Sector
enisa threat landscape for ransomware attacks

ENISA Threat Landscape for Ransomware Attacks

This report aims to bring new insights into the reality of ransomware incidents through mapping and studying ransomware incidents from May 2021 to June 2022. Based on the findings, ransomware has adapted and evolved, becoming more efficient and…
National / EU authoritiesPrivate Sector
enisa threat landscape methodology

ENISA Threat Landscape Methodology

By establishing the ENISA Cybersecurity Threat Landscape (CTL) methodology, the Agency aims to set a baseline for the transparent and systematic delivery of horizontal, thematic, and sectorial cybersecurity threat landscapes. The following threat…
National / EU authoritiesPrivate Sector

Coordinated Vulnerability Disclosure Policies in the EU

This report analyses information and presents an overview of coordinated vulnerability disclosure (CVD) policies at the national level within the EU. Aside from offering a comprehensive overview of the EU CVD state of play, it also provides high-…
National / EU authoritiesPrivate Sector

European Cybersecurity Month 2021 - Deployment report

The deployment report of the European Cybersecurity Month (ECSM) for 2021, summarises the activities introduced towards reducing cyber incidents. It evaluates the campaign of last year and provides insights for the future.
Private Sector

Boosting your Organisation's Cyber Resilience - Joint Publication

ENISA and CERT-EU strongly encourage all public and private sector organisations in the EU to adopt a minimum set of cybersecurity best practices.
National / EU authoritiesPrivate Sector

Raising Awareness of Cybersecurity

This report seeks to assist EU Member States in further building their cybersecurity capacities by analysing best practices on raising citizens’ awareness of cybersecurity. We have collected information and evaluated the intensity, regularity and…
Private Sector