Search

With this report, ENISA aims to analyse the current status of PPPs in the EU. The study identifies the main models of collaboration, the current challenges that both private and public sector face in the process of setting up and developing PPPs and…

To assist in promoting both the understanding and uptake of CSC programmes within organisations, this report draws from multiple disciplines, including organisational sciences, psychology, law and cybersecurity. It is complemented by knowledge and…

For the fifth consecutive year, last October the European Cyber Security Month (ECSM) campaign was successfully executed across Europe. The campaign was coordinated and supported by ENISA, the European Commission, Europol’s Cyber Crime Centre (EC3…

This report is a continuation and an extension of previously carried out ENISA work on approaches to the NIS Directive by Member States, which have provided recommendations on standardisation and have outlined the use and management of CSIRTs.

The time has come for ENISA to take a look at the crystal ball of technology; In particular looking at what are considered to be emerging technologies and what might be their prospective usage scenarios. Considering emerging technologies and…

The overall scope of the report is to provide practical demonstrations and interpretation of the methodological steps of the ENISA’s 2016 guidelines for SMEs on the security of personal data processing. This is performed through specific use cases…

The scope of the report is to provide a meta-study on privacy and data protection in mobile apps by analysing the features of the app development environment that impact privacy and security, as well as defining relevant best-practices, open issues…

This taxonomy resulted from collaboration initiatives such as the annual ENISA/EC3 Workshop which involved CSIRTs, LEAs, ENISA, and EC3. Other examples include the eCSIRT.net taxonomy2 which was developed in 2003, and the eCSIRT.net mkVI taxonomy3…

ENISA decided to provide a study on online tracking and relevant user protection mechanisms, paying particular attention to user consent, privacy settings and the implementation of the Do-Not-Track (DNT) standard.

This study seeks to identify and analyse the current landscape of ICT security certification laboratories in EU Member States, comparing them also with third countries practices. The findings of this study will constitute the basis for the Agency’s…