Communication network dependencies for ICS/SCADA Systems
ENISA is continuing the work on communication network dependencies in industrial infrastructures, focusing in this case on ICS/SCADA systems and networks. The main objective is to provide insight into the communication network interdependencies…
A good practice guide of using taxonomies in incident prevention and detection
The aim of this document is to provide good practices on using taxonomies for incident detection and prevention by taking into account the input received from the CSIRT community and relevant information from previous ENISA studies. In addition, it…
Guidelines for SMEs on the security of personal data processing
ENISA undertook a study to support SME’s on how to adopt security measures for the protection of personal data, following a risk-based approach. In particular, the objectives of the study were to facilitate SMEs in understanding the context of the…
Indispensable baseline security requirements for the procurement of secure ICT products and services
This short paper can be of use to suppliers and procurement officers when planning, offering and purchasing ICT products, systems and services. It is meant as a practical, technologically neutral document with clear, simple and sector-agnostic…
Distributed Ledger Technology & Cybersecurity - Improving information security in the financial sector
This paper aims to provide financial professionals in both business and technology roles with an assessment of the various benefits and challenges that their institutions may encounter when implementing a distributed ledger.
Cyber Security and Resilience of smart cars
The objective of this study is to identify good practices that ensure the security of smart cars against cyber threats, with the particularity that smart cars’ security shall also guarantee safety. The study lists the sensitive assets present in…
Towards a Digital Single Market for NIS Products and Services
The objective of this report is to assess the current NIS market in the EU from an economic and technical standpoint, in view of the DSM and its future demands for protection. It primarily focuses on the European market’s characteristics,…
PETs controls matrix - A systematic approach for assessing online and mobile privacy tools
Following previous work in the field of privacy engineering, in 2016 ENISA defined the ‘PETs control matrix’, an assessment framework and tool for the systematic presentation and evaluation of online and mobile privacy tools for end users. The…
Security of Mobile Payments and Digital Wallets
The primary objective of this paper is the production of guidelines to assist mobile payment developers and mobile payment providers towards recommended security controls which if implemented would help ensure that consumers, retailers and financial…
Securing Smart Airports
In response to the new emerging threats faced by smart airports, this report provides a guide for airport decision makers (CISOs, CIOs, IT Directors and Head of Operations) and airport information security professionals, but also relevant…