Publications

Featured publications

2024 Report on the State of the Cybersecurity in the Union

Download

This document marks the first report on the state of cybersecurity in the Union, adopted by ENISA in cooperation with the NIS Cooperation Group and the European Commission, in accordance with Article 18 of the Directive (EU) 2022/2555 (…

ENISA Threat Landscape 2024

Download

Seven prime cybersecurity threats were identified in 2024, with threats against availability topping the chart and followed by ransomware and threats against data, and the report provides a relevant deep-dive on each one of them by analysing…

Best Practices for Cyber Crisis Management

Download

This study highlights the complexities behind the notion of cyber crisis and the degree of subjectivity it involves. The elevation of a large-scale cyber incident into a cyber crisis relies predominantly on a political decision, and depends…

All publications

By topics

By type

Publish Date

Security guidelines on the appropriate use of qualified electronic registered delivery services

This document addresses qualified electronic registered delivery services and is one out of a series of five documents which aim to assist parties wishing to use qualified electronic signatures, seals, time stamps, eDelivery or website…
Private Sector

Security guidelines on the appropriate use of qualified electronic seals

This document addresses qualified electronic seals and is one out of a series of five documents which target to assist parties aiming to use qualified electronic signatures, seals, time stamps, eDelivery and website authentication certificates to…
Private Sector

Security guidelines on the appropriate use of qualified electronic signatures

This document addresses qualified electronic signatures and is one out of a series of five documents which target to assist parties aiming to use qualified electronic signatures, seals, time stamps, eDelivery or website authentication certificates…
Private Sector

Security guidelines on the appropriate use of qualified website authentication certificates

This document addresses qualified certificates for website authentication and is one out of a series of five documents which aim to assist parties wishing to use qualified electronic signatures, seals, time stamps, eDelivery or website…
Private Sector
annual privacy forum 2016

Annual Privacy Forum 2016

In light of the data protection regulation and the European digital agenda, DG CONNECT, EDPS, ENISA and, Goethe University Frankfurt organized APF 2016. APF 2016 was held 7 & 8 September at Goethe University Frankfurt am Main, Germany.
Private Sector

Privacy and Security in Personal Data Clouds

The main objective of this study is to identify the different architectures and components of Personal Data Clouds (PDCs) and discuss their privacy and security challenges. Based on an empirical analysis of various applications that fall under, or…
Private Sector

Guidelines for SMEs on the security of personal data processing

ENISA undertook a study to support SME’s on how to adopt security measures for the protection of personal data, following a risk-based approach. In particular, the objectives of the study were to facilitate SMEs in understanding the context of the…
Private Sector

PETs controls matrix - A systematic approach for assessing online and mobile privacy tools

Following previous work in the field of privacy engineering, in 2016 ENISA defined the ‘PETs control matrix’, an assessment framework and tool for the systematic presentation and evaluation of online and mobile privacy tools for end users. The…

Private Sector

Security of Mobile Payments and Digital Wallets

The primary objective of this paper is the production of guidelines to assist mobile payment developers and mobile payment providers towards recommended security controls which if implemented would help ensure that consumers, retailers and financial…
Private Sector

Qualified Website Authentication Certificates

This report proposes six strategies and twelve recommended actions as an escalated approach that targets the most important aspects detected to be critical for (i) improving the website authentication market in Europe and (ii) successfully…
Private Sector