Through this report, ENISA aims to enhance stakeholder awareness, facilitate risk analysis in evolving threat landscapes, and bolster trustworthiness in remote identity proofing methods.
Best Practices for Cyber Crisis Management
This study highlights the complexities behind the notion of cyber crisis and the degree of subjectivity it involves. The elevation of a large-scale cyber incident into a cyber crisis relies predominantly on a political decision, and depends…
Engineering Personal Data Protection in EU Data Spaces
Common European data spaces (EU data spaces) are a novel concept introduced in the European strategy for data and elaborated further within the Data Governance Act (DGA). This report attempts to contextualise the main design principles regarding…
Digital Identity Standards
This report gives an overview of the most important standards and standardisation organisations in this area. This information is useful for the novice, to find out what is available, but also for more experienced readers who might not be aware of…
Trust Services-Secure move to the cloud of the eIDAS ecosystem
This report includes a detailed analysis on the different technical requirements that must be addressed considering the relevant standards. It also gives an overview of practical experiences on the move of trust services to the cloud, based on the…
DNS Identity
This report provides a view of authentication and verification of domain name owners in the context of domain name registration. It identifies the security challenges, good practices, security controls and associated risks in the domain name…
Cybersecurity Support Action
The ENISA Cybersecurity Support Action provides ex-post and ex-ante services and assistance to Member States' NIS2 Directive entities.
Sustained Activity by Threat Actors- Joint Publication
ENISA, the EU Agency for Cybersecurity, and CERT-EU, the Computer Emergency Response Team of all the EU institutions, bodies and agencies (EUIBAs), have issued a joint publication to alert on sustained activity by particular threat actors. Malicious…
Engineering Personal Data Sharing
This report attempts to look closer at specific use cases relating to personal data sharing, primarily in the health sector, and discusses how specific technologies and considerations of implementation can support the meeting of specific data…
Post-Quantum Cryptography - Integration study
With this report ENISA seeks to give insight on post-standardisation challenges. As a follow-up to ENISA’s 2021 Post-Quantum Cryptography: Current state and quantum mitigation study, the new report explores the necessity to design new cryptographic…