Publications

Featured publications

2024 Report on the State of the Cybersecurity in the Union

Download

This document marks the first report on the state of cybersecurity in the Union, adopted by ENISA in cooperation with the NIS Cooperation Group and the European Commission, in accordance with Article 18 of the Directive (EU) 2022/2555 (…

ENISA Threat Landscape 2024

Download

Seven prime cybersecurity threats were identified in 2024, with threats against availability topping the chart and followed by ransomware and threats against data, and the report provides a relevant deep-dive on each one of them by analysing…

Best Practices for Cyber Crisis Management

Download

This study highlights the complexities behind the notion of cyber crisis and the degree of subjectivity it involves. The elevation of a large-scale cyber incident into a cyber crisis relies predominantly on a political decision, and depends…

All publications

By topics

By type

Publish Date
European_Cybersecurity_Month_2023-Campaign_report.png

European Cybersecurity Month 2023 - Campaign report

European Cybersecurity Month (ECSM) 2023 took a different approach than in 2022. ENISA decided to take cybersecurity awareness to a different level, transforming the original ECSM campaign, which used to take place only during October, into a…

Private Sector
Cyber_Resilience_Act_Requirements_Standards_Mapping.png

Cyber Resilience Act Requirements Standards Mapping - Joint Research Centre & ENISA Joint Analysis

To facilitate adoption of the CRA provisions, these requirements need to be translated into the form of harmonised standards, with which manufacturers can comply. In support of the standardisation effort, this study attempt to identify the most…

Private Sector
Remote_ID_Proofing.png

Remote ID Proofing - Good practices

Through this report, ENISA aims to enhance stakeholder awareness, facilitate risk analysis in evolving threat landscapes, and bolster trustworthiness in remote identity proofing methods.

Private Sector

Engineering Personal Data Protection in EU Data Spaces

Common European data spaces (EU data spaces) are a novel concept introduced in the European strategy for data and elaborated further within the Data Governance Act (DGA). This report attempts to contextualise the main design principles regarding…
Private Sector

Digital Identity Standards

This report gives an overview of the most important standards and standardisation organisations in this area. This information is useful for the novice, to find out what is available, but also for more experienced readers who might not be aware of…
Private Sector

Trust Services-Secure move to the cloud of the eIDAS ecosystem

This report includes a detailed analysis on the different technical requirements that must be addressed considering the relevant standards. It also gives an overview of practical experiences on the move of trust services to the cloud, based on the…
Private Sector

DNS Identity

This report provides a view of authentication and verification of domain name owners in the context of domain name registration. It identifies the security challenges, good practices, security controls and associated risks in the domain name…
Private Sector

European Cybersecurity Month 2022 Campaign Report

The campaign was coupled with the commemoration of the ECSM 10th anniversary in 2022 and focused on two of the most prominent threats: 1. Phishing: so that users may detect and react to the most common attack against individuals. 2. Ransomware: so…
Private Sector

Cybersecurity of AI and Standardisation

The overall objective of the present document is to provide an overview of standards (existing, being drafted, under consideration and planned) related to the cybersecurity of artificial intelligence (AI), assess their coverage and identify gaps in…
National / EU authoritiesPrivate Sector

Engineering Personal Data Sharing

This report attempts to look closer at specific use cases relating to personal data sharing, primarily in the health sector, and discusses how specific technologies and considerations of implementation can support the meeting of specific data…
Private Sector