Publications

Featured publications

ENISA Threat Landscape 2024

Download

Seven prime cybersecurity threats were identified in 2024, with threats against availability topping the chart and followed by ransomware and threats against data, and the report provides a relevant deep-dive on each one of them by analysing…

Foresight Cybersecurity Threats For 2030 - Update 2024: Executive Summary

Download

This is the executive summary of the second iteration of The “ENISA Foresight Cybersecurity Threats for 2030” study that represents a comprehensive analysis and assessment of emerging cybersecurity threats projected for the year 2030. The report…

Best Practices for Cyber Crisis Management

Download

This study highlights the complexities behind the notion of cyber crisis and the degree of subjectivity it involves. The elevation of a large-scale cyber incident into a cyber crisis relies predominantly on a political decision, and depends…

All publications

By topics

By type

Publish Date

Gaps in NIS standardisation - Recommendations for improving NIS in EU standardisation policy

This report recommends that the European Commission, with the support of the Member States, pursuant to the NIS Directive, adopt a standards based framework for the exchange of threat and defensive measure information that impacts the functioning of…
National / EU authorities
annual privacy forum 2016

Annual Privacy Forum 2016

In light of the data protection regulation and the European digital agenda, DG CONNECT, EDPS, ENISA and, Goethe University Frankfurt organized APF 2016. APF 2016 was held 7 & 8 September at Goethe University Frankfurt am Main, Germany.
Private Sector

Article 19 Incident reporting

The focus of this document is the implementation of incident reporting and it aims at supporting the su-pervisory bodies in being aligned with obligations set out in Article 19. The Article 19 incident reporting framework has been prepared in…
National / EU authorities

Incident notification for DSPs in the context of the NIS Directive

This report provides preliminary guidelines on how incident notification provisions for Digital Service Providers could be effectively implemented across the EU. Based on valuable input from Member States and companies directly impacted by the…
Private Sector

Technical Guidelines for the implementation of minimum security measures for Digital Service Providers

ENISA has issued this report to assist Member States and DSPs in providing a common approach regarding the security measures for DSPs. This particular initiative has been achieved by examining current information and network security practices for…
Private Sector

Security aspects of virtualization

This report provides an analysis of the status of virtualization security. ENISA presents current efforts, emerging best practices and known security gaps, discussing the impact the latter have on environments based on virtualization technologies.…
Private Sector
hardware threat landscape

Hardware Threat Landscape and Good Practice Guide

The goal of this report is the compilation of a comprehensive landscape of hardware-related assets, threats, and good practices. This landscape provides basic information for manufacturers and developers who want to understand which threats their…
Private Sector
enisa threat landscape report 2016

ENISA Threat Landscape Report 2016

The ENISA Threat Landscape 2016 - the summary of the most prevalent cyber-threats – is sobering: everybody is exposed to cyber-threats, with the main motive being monetization. The year 2016 is thus characterized by “the efficiency of cyber-crime…
National / EU authoritiesPrivate Sector
m2m communications threat landscape

Ad-hoc & sensor networking for M2M Communications - Threat Landscape and Good Practice Guide

The ad-hoc and sensor networking Threat Landscape and Good Practice Guide complements the Annual Cyber Security ENISA Threat Landscape (ETL). It provides a deep overview of the current state of security in the ad-hoc and sensor networking for M2M…
Private Sector

Cyber Hygiene

This report looks at the leading cyber hygiene programs across the European Union and drills down into a selection of Small – Medium Enterprises to establish their understanding and engagement with the national strategies. Based on the information…
Private Sector