Publications

Featured publications

2024 Report on the State of the Cybersecurity in the Union

Download

This document marks the first report on the state of cybersecurity in the Union, adopted by ENISA in cooperation with the NIS Cooperation Group and the European Commission, in accordance with Article 18 of the Directive (EU) 2022/2555 (…

ENISA Threat Landscape 2024

Download

Seven prime cybersecurity threats were identified in 2024, with threats against availability topping the chart and followed by ransomware and threats against data, and the report provides a relevant deep-dive on each one of them by analysing…

Best Practices for Cyber Crisis Management

Download

This study highlights the complexities behind the notion of cyber crisis and the degree of subjectivity it involves. The elevation of a large-scale cyber incident into a cyber crisis relies predominantly on a political decision, and depends…

All publications

By topics

By type

Publish Date

European Cyber Security Month 2015 - Deployment Report

ECSM 2015 focused on Member States of the EU and EU partners. The project life cycle included coordinators calls, face-to-face meetings, periodic news updates, European Kick-off event, trainings and education seminars, website resources and weekly…

Latest Report on National and International Cyber Security Exercises

During this study ENISA gathered and analysed a large set of over 200 exercises. In addition to the exercise dataset, ENISA analysed specialised literature such as after-action reports and previous studies that have contributed to the analysis.…

Analysis of ICS-SCADA Cyber Security Maturity Levels in Critical Sectors

This study reveals the current maturity level of ICS-SCADA cyber security in Europe and identifies good practices used by European Member States to improve this area. The first and second part of this study introduces us to the ICS-SCADA cyber…

Secure Use of Cloud Computing in the Finance Sector

In creating this report we analysed input from a number of different sources to better understand the usage of cloud services in the finance sector. Based on the analysis we provide recommendations to financial institutions, regulators and cloud…

Technical guideline for Incident Reporting

This document describes a framework for security incident reporting based on the requirements set by article 19 of the eIDAS regulation. It is being developed on a consensus basis between the experts of the working group formed by ENISA and it is…

Security and Resilience of Smart Home Environments

This study aims at securing Smart Home Environments from cyber threats by highlighting good practices that apply to every step of a product lifecycle: its development, its integration in Smart Home Environments, and its usage and maintenance until…

ENISA’s CSIRT-related capacity building activities

This report represents the update of an impact assessment of ENISA’s support to CSIRTs in 2014. This updated assessment serves as a basis for a proposed roadmap to 2020. The impact of the ENISA support to the CSIRT community was assessed from a dual…

Status of privacy and NIS course curricula in EU Member States

User Education is key in cyber security. Our work for this report follows up on previous efforts and suggested recommendations from 2014 and 2013. The first objective of this report is to identify gaps between available training courses,…

ENISA Cyber Europe 2014 - After Action Report

ENISA's After Action Report of the pan-European cybersecurity exercise Cyber Europe 2014 (CE2014) was approved by the EU Member States and gives a high-level overview of the complex cybersecurity exercise that was carried out in 2014. The full…
annual incident reports 2014

Annual Incident Reports 2014

The report “Annual Incident reports 2014” provides an aggregated analysis of the security incidents in the European telecom sector in 2014 which caused severe outages. Most incidents reported to regulators and ENISA (137 incidents) involved fixed…