The NIS360 is a new ENISA product that assesses the maturity and criticality of sectors of high criticality under the NIS2 Directive, providing both a comparative overview and a more in-depth analysis of each sector. The NIS360 is designed to…
Annual Report - Trust Services Security Incidents 2023
ENISA’s 2023 report on trust services security incidents provides the seventh…
2024 Report on the State of the Cybersecurity in the Union
This document marks the first report on the state of cybersecurity in the Union, adopted by ENISA in cooperation with the NIS Cooperation Group and the European Commission, in accordance with Article 18 of the Directive (EU) 2022/2555 (…
NIS Investments 2024
This report aims at providing policy makers with evidence to assess the effectiveness of the existing EU cybersecurity framework specifically through data on how the NIS Directive has influenced cybersecurity investments and overall maturity of…
European Cybersecurity Month 2023 - Campaign report
European Cybersecurity Month (ECSM) 2023 took a different approach than in 2022. ENISA decided to take cybersecurity awareness to a different level, transforming the original ECSM campaign, which used to take place only during October, into a…
Telecom Security Incidents 2022
The present report provides anonymised and aggregated information about major telecom security incidents that happened in 2022.
Trust Services Security Incidents 2022
This report, the Annual Report Trust Services Security Incidents 2022, provides an aggregated overview of the notified breaches for 2022, analysing root causes, statistics and trends. This report marks the sixth round of security incident reporting…
NIS Investments Report 2023
This report aims at providing policy makers with evidence to assess the effectiveness of the existing EU cybersecurity framework specifically through data on how Operators of Essential Services (OES) and Digital Service Providers (DSP) identified in…
Good Practices for Supply Chain Cybersecurity
The report provides an overview of the current supply chain cybersecurity practices followed by essential and important entities in the EU, based on the results of a 2022 ENISA study which focused on investments of cybersecurity budgets among…
European Cybersecurity Month 2022 Campaign Report
The campaign was coupled with the commemoration of the ECSM 10th anniversary in 2022 and focused on two of the most prominent threats:
1. Phishing: so that users may detect and react to the most common attack against individuals.
2. Ransomware: so…