Publications

Featured publications

2024 Report on the State of the Cybersecurity in the Union

Download

This document marks the first report on the state of cybersecurity in the Union, adopted by ENISA in cooperation with the NIS Cooperation Group and the European Commission, in accordance with Article 18 of the Directive (EU) 2022/2555 (…

ENISA Threat Landscape 2024

Download

Seven prime cybersecurity threats were identified in 2024, with threats against availability topping the chart and followed by ransomware and threats against data, and the report provides a relevant deep-dive on each one of them by analysing…

Best Practices for Cyber Crisis Management

Download

This study highlights the complexities behind the notion of cyber crisis and the degree of subjectivity it involves. The elevation of a large-scale cyber incident into a cyber crisis relies predominantly on a political decision, and depends…

All publications

By topics

By type

Publish Date

Alerts-Warnings-Announcements

This guide complements the existing set of ENISA guides that support Computer Emergency Response Teams (CERTs, also known as CSIRTs). It describes good practices and provides practical information and guidelines for the process of preparing and…

Security certification practice in the EU - Information Security Management Systems - A case study

This report aims at providing input for the adoption of a framework on privacy certifications, as well as for eGovernment certification in Europe. There are numerous IT security certification schemes across the European Member States that can serve…

Detect, SHARE, Protect - Solutions for Improving Threat Data Exchange among CERTs

The focus of this report is on the threat and incident information exchange and sharing practices used among CERTs in Europe, especially, but not limited to, national/governmental CERTs. It aims at: - Taking stock of existing communication…

National-level Risk Assessments: An Analysis Report

This report is based on a study and analysis of approaches to national-level risk assessment and threat modelling for cyber security which was conducted between April and October 2013. ENISA aims to provide an evidence-based methodology for…

8th ENISA Workshop ‘CERTs in Europe’ report

This document is a brief ENISA report on the annual workshop for Computer Emergency Response Teams in Europe “CERTs in Europe”. The first part of the workshop focused on hands-on technical training for non- governmental CERTs in Europe. Part II of…

Good Practice Guide for securely deploying Governmental Clouds

In this report, ENISA identifies the Member States with operational government Cloud infrastructures and underlines the diversity of Cloud adoption in the public sector in Europe. Moreover through this document, ENISA aims to assist Member States in…

Recommended cryptographic measures - Securing personal data

This document addresses the protection measures applied to safeguard sensitive and/or personal data, which has been acquired legitimately by a data controller. In this respect it discusses how information technology users, who have a basic knowledge…

Algorithms, Key Sizes and Parameters Report - 2013

This document collates a series of recommendations for algorithms, keysizes, and parameter recommendations. It addresses the need for a minimum level of requirements for cryptography across European Union (EU) Member States (MSs) in their effort to…

Report on Second International Conference on Cyber-crisis Cooperation and Exercises

ENISA hosted the ‘Second ENISA International Conference on Cyber Crisis Cooperation and Exercises’ on 23–24 September 2013 in Athens, Greece. The Second ENISA International Conference on Cyber-Crisis Cooperation and Exercises was a unique high-…

Cybersecurity cooperation - Defending the digital frontline

Fully revised for 2013, the document looks at the latest trends affecting the cyber-threat landscape, and also examines the EU's Cybersecurity Strategy and the Draft Directive on Network and Information Security (NIS).