Publications

Featured publications

2024 Report on the State of the Cybersecurity in the Union

Download

This document marks the first report on the state of cybersecurity in the Union, adopted by ENISA in cooperation with the NIS Cooperation Group and the European Commission, in accordance with Article 18 of the Directive (EU) 2022/2555 (…

ENISA Threat Landscape 2024

Download

Seven prime cybersecurity threats were identified in 2024, with threats against availability topping the chart and followed by ransomware and threats against data, and the report provides a relevant deep-dive on each one of them by analysing…

Best Practices for Cyber Crisis Management

Download

This study highlights the complexities behind the notion of cyber crisis and the degree of subjectivity it involves. The elevation of a large-scale cyber incident into a cyber crisis relies predominantly on a political decision, and depends…

All publications

By topics

By type

Publish Date

Standardisation in support of the Cybersecurity Certification

The document presents the value of the cybersecurity standardisation efforts for certification, the roles and responsibilities of Standards Developing Organisations (SDOs) in this context, and discusses various ways how standardisation can support…
National / EU authorities

ECSC 2019 Analysis Report

This report contains the following key observations were made by independent third-party observers on the ECSC 2019 organisation. These observations have been produced based on the feedback collected from participants, members of the ECSC Jury,…
National / EU authorities

European Cybersecurity Month 2019 - Deployment Report

This report provides an overview of the activities organised for the European Cybersecurity Month 2019 and presents a synthesis of findings based on evaluation and performance information gathered via two questionnaires and media monitoring data.…
Private Sector

Security Supervision under the EECC

With this report ENISA aims to support EU countries with their transposition, by analysing the main changes to the security requirements and the security supervision under the new rules. The principles of security supervision under the new rules (…
National / EU authorities
Reinforcing trust and security platform

Online Platform for Security of Personal Data Processing

This report presents the focus and main functionalities of the ENISA’s online platform for the security of personal data processing. This platform is only one tool, which cannot replace the need of a greater compliance and accountability…

Overview of standards related to eIDAS

The scope of this document is to assess the suitability of the recently published ENs to fulfil the eIDAS Regulation requirements, and to describe the differences with the previous TSs, in view of a possible update of the list of standards…
Private Sector

Recommendations for technical implementation of the eIDAS Regulation

The present report aims to propose ways in which the eIDAS assessment regime can be strengthened based on the current regime of the eIDAS Regulation, the stakeholders’ concerns and the legitimate need to move towards a more harmonised approach with…
Private Sector
ENISA it system for certification

ENISA it system for certification

The purpose of this study is to support ENISA in the development of an IT System that will enable all the involved stakeholders to collaborate, exchange and share information towards the preparation, adoption and review of cybersecurity…

ENISA Report - Request to ENISA 2019

ENISA Report - Request to ENISA 2019

The following document provides information of requests handled by the Agency pursuant to the ENISA Founding Regulation as contained in the EU Cybersecurity Act (Regulation (EU) 2019/881). The report does not apply to requests that are described…

National / EU authorities

Pseudonymisation techniques and best practices

This report explores further the basic notions of pseudonymisation, as well as technical solutions that can support implementation in practice. Starting from a number of pseudonymisation scenarios, the report defines first the main actors that can…
Private Sector