Publications

Featured publications

2024 Report on the State of the Cybersecurity in the Union

Download

This document marks the first report on the state of cybersecurity in the Union, adopted by ENISA in cooperation with the NIS Cooperation Group and the European Commission, in accordance with Article 18 of the Directive (EU) 2022/2555 (…

ENISA Threat Landscape 2024

Download

Seven prime cybersecurity threats were identified in 2024, with threats against availability topping the chart and followed by ransomware and threats against data, and the report provides a relevant deep-dive on each one of them by analysing…

Best Practices for Cyber Crisis Management

Download

This study highlights the complexities behind the notion of cyber crisis and the degree of subjectivity it involves. The elevation of a large-scale cyber incident into a cyber crisis relies predominantly on a political decision, and depends…

All publications

By topics

By type

Publish Date

National Cyber Security Strategies

The paper includes a short analysis of the current status of cyber security strategies within the European Union and elsewhere. It also identifies common themes and differences, and concludes with a series of observations and recommendations. The…

Recommendations for technical implementation of Art.4

In 2011 ENISA has set up an Expert Group composed of representatives of the EU institutions, Art.29 Working Party, national DPAs and industry. This group helped in the development of the specific technical recommendations for the implementation of…

Procure Secure: A guide to monitoring of security service levels in cloud contracts

A practical guide aimed at the procurement and governance of cloud services. This guide provides advice on questions to ask about the monitoring of security. The goal is to improve public sector customer understanding of the security of cloud…

Study on monetising privacy. An economic model for pricing personal information

Do some individuals value their privacy enough to pay a mark-up to an online service provider who protects their information better? How is this related to personalisation of services? This study analyses the monetisation of privacy. ‘Monetizing…

Study on data collection and storage in the EU

Given the clear contrast between the importance of the privacy by design principle on the one hand, and the reality of lax data protection practices with many online service providers on the other hand, the aim of this study is to present an…

NIS in Education

ENISA's report on Network Information Security (NIS) in Education comes at a time when education and ITC are interrelated and interconnected more than ever. The challenge for the digitally active citizen is to stay informed of the news coming from…

Technologies with potential to improve the resilience of the Internet infrastructure

In 2011 ENISA performed the review of its studies on resilient technologies from 2008-2010, complementing the findings of the previous years and investigating the deployment status of technologies enhancing resilience. Initial review of supply chain…

Secure Communication with the CERTs & Other Stakeholders

The main objective of the project “Secure Communications with the CERTs and other Stakeholders”, which is one of the ENISA activities related to reinforcing communications between CERTs in the Member States, is the preparation work for a report on…

Ontology and taxonomies of resilience

Existing standards in the field have so far only addressed resilience indirectly and thus without detailed definition of the taxonomy and thus of the semantics of security. The primary purpose of an ontology and taxonomies defined in this context is…

Trust and Reputation Models

Reputation systems are a key success factor of many websites, enabling users and customers to have a better understanding of the information, products and services being provided. However, by using reputation systems, individuals place themselves at…