Publications

Featured publications

ENISA Threat Landscape 2024

Download

Seven prime cybersecurity threats were identified in 2024, with threats against availability topping the chart and followed by ransomware and threats against data, and the report provides a relevant deep-dive on each one of them by analysing…

Foresight Cybersecurity Threats For 2030 - Update 2024: Executive Summary

Download

This is the executive summary of the second iteration of The “ENISA Foresight Cybersecurity Threats for 2030” study that represents a comprehensive analysis and assessment of emerging cybersecurity threats projected for the year 2030. The report…

Best Practices for Cyber Crisis Management

Download

This study highlights the complexities behind the notion of cyber crisis and the degree of subjectivity it involves. The elevation of a large-scale cyber incident into a cyber crisis relies predominantly on a political decision, and depends…

All publications

By topics

By type

Publish Date

Guidelines for trust service providers - Part 1: Security framework

This document describes the framework surrounding trust service providers (TPSs) – the concepts and standards related to operations of a TSP. It focuses on EU standards, but also takes into account others where relevant. The document specifically…

Guidelines for trust service providers - Part 2: Risk assessment

This document covers the following aspects of Trust Service Providers operations: • Assets: identification, classification and evaluation • Threats to assets: classification and evaluation • Vulnerabilities present in the environment • Probability…

Guidelines for trust service providers - Part 3: Mitigating the impact of security incidents

This document recommends measures to mitigate the impact of security incidents on trust service providers (TSP) by proposing suitable technical and organisational means to handle the security risks posed to the TSP. This is done using a…

Proposal for One Security Framework for Articles 4 and 13a

There are two pieces of EU legislation which explicitly mention security measures in the telecom sector: Article 4 of the e-Privacy directive asks providers to take security measures to protect security of personal data processing. Article 13a of…

Position Paper of the EP3R Task Forces on Incident Management and Mutual Aid Strategies (TF-MASIM)

This document summarises the discussions that happened between April and September 2013 in the EP3R Task Force on Incident Management and Mutual Aid Strategies. The task assigned to this Task Force was to reflect on the potential issues found when a…

EP3R 2013 – Task Forces on Terminology Definitions and Categorisation of Assets (TF-TDCA)

This Position Paper intends to establish the foundations of a commonly accepted and adopted methodology to define proper Terminology within EP3R, and later allow a concise Key Assets Categorisation.

Position Paper of the EP3R Task Forces on Trusted Information Sharing (TF-TIS)

The key recommendations of this report are: - To establish a pilot based on the Management and Functional Requirements listed in this document which usage will allow a more structured Information Sharing mechanism; - To designate a neutral party who…
smart grid threat landscape and good practice guide

Smart Grid Threat Landscape and Good Practice Guide

ENISA report on threats in the area of smart grids and good practice guide.

On the security, privacy and usability of online seals

This report analyses the conditions under which online security and privacy seals (OSPS) can be deployed to support users to make an informed trust decision about Web services and their providers with respect to the provided security and privacy.…

Power Supply Dependencies in the Electronic Communications Sector

Electronic communications are the backbone of the EU’s digital society. Article 13a of the EU’s electronic communications Framework directive asks EU Member States to ensure the security and resilience of public electronic communications networks…