Publications

Featured publications

ENISA Threat Landscape 2024

September 17, 2024 Download

Seven prime cybersecurity threats were identified in 2024, with threats against availability topping the chart and followed by ransomware and threats against data, and the report provides a relevant deep-dive on each one of them by analysing…

Foresight Cybersecurity Threats For 2030 - Update 2024: Executive Summary

March 27, 2024 Download

This is the executive summary of the second iteration of The “ENISA Foresight Cybersecurity Threats for 2030” study that represents a comprehensive analysis and assessment of emerging cybersecurity threats projected for the year 2030. The report…

Best Practices for Cyber Crisis Management

February 27, 2024 Download

This study highlights the complexities behind the notion of cyber crisis and the degree of subjectivity it involves. The elevation of a large-scale cyber incident into a cyber crisis relies predominantly on a political decision, and depends…

All publications

European Cybersecurity Skills Framework (ECSF) - User Manual

19 September, 2022

The ECSF User Manual provides a comprehensive overview of the ECSF’s main scope, framework principles and application opportunities. The primary purpose of the manual is to make the ECSF easily accessible by, understandable for, and usable by all…

European Cybersecurity Skills Framework Role Profiles

19 September, 2022

The ECSF role profiles document lists the 12 typical cybersecurity professional role profiles along with their identified titles, missions, tasks, skills, knowledge, competences. The main purpose of this framework is to create a common…

ENISA Threat Landscape for Ransomware Attacks

29 July, 2022

This report aims to bring new insights into the reality of ransomware incidents through mapping and studying ransomware incidents from May 2021 to June 2022. Based on the findings, ransomware has adapted and evolved, becoming more efficient and…

ENISA Threat Landscape Methodology

6 July, 2022

By establishing the ENISA Cybersecurity Threat Landscape (CTL) methodology, the Agency aims to set a baseline for the transparent and systematic delivery of horizontal, thematic, and sectorial cybersecurity threat landscapes. The following threat…

Coordinated Vulnerability Disclosure Policies in the EU

13 April, 2022

This report analyses information and presents an overview of coordinated vulnerability disclosure (CVD) policies at the national level within the EU. Aside from offering a comprehensive overview of the EU CVD state of play, it also provides high-…

Cross-Sector Exercise Requirements

6 April, 2022

This report aims to identify the skills, exercises and training needed to ensure that the information exchange among the European information sharing and analysis centres (ISACs) is effective and efficient.

European Cybersecurity Month 2021 - Deployment report

28 March, 2022

The deployment report of the European Cybersecurity Month (ECSM) for 2021, summarises the activities introduced towards reducing cyber incidents. It evaluates the campaign of last year and provides insights for the future.

Deploying Pseudonymisation Techniques

24 March, 2022

Pseudonymisation is increasingly becoming a key security technique for providing a means that can facilitate personal data processing, while offering strong safeguards for the protection of personal data and thereby safeguarding the rights and…

5G Cybersecurity Standards

16 March, 2022

This report outlines the contribution of standardisation to the mitigation of technical risks, and therefore to trust and resilience, in the 5G ecosystem. This report focuses on standardisation from a technical and organisational perspective.

Risk Management Standards