Status of privacy and NIS course curricula in EU Member States
User Education is key in cyber security. Our work for this report follows up on previous efforts and suggested recommendations from 2014 and 2013. The first objective of this report is to identify gaps between available training courses,…
ENISA Cyber Europe 2014 - After Action Report
ENISA's After Action Report of the pan-European cybersecurity exercise Cyber Europe 2014 (CE2014) was approved by the EU Member States and gives a high-level overview of the complex cybersecurity exercise that was carried out in 2014. The full…
Annual Incident Reports 2014
The report “Annual Incident reports 2014” provides an aggregated analysis of the security incidents in the European telecom sector in 2014 which caused severe outages. Most incidents reported to regulators and ENISA (137 incidents) involved fixed…
Technical Guideline on Threats and Assets
The Technical Guideline on Threats and Assets provides National Regulatory Authorities (NRAs) with a glossary of terms to communicate about the most significant threats and network assets involved in disruptions in electronic communications networks…
Supply Chain Integrity: An overview of the ICT supply chain risks and challenges, and vision for the way forward (2015)
The root of this report is the assertion that Governments, corporations, organizations, and consumers are increasingly reliant on ICT products and services, and thus on the supply chains that deliver them. As a result of this reliance threats to…
Inventory of CERT activities in Europe
This document aims to provide an overview on the actual situation concerning CERT matters in Europe. It provides a list of response teams and similar facilities by country, but also contains a catalogue of co-operation, support and standardisation…
EP3R 2009-2013 Future of NIS Public Private Cooperation.
The EP3R (European Public-Private Partnership for Resilience) was established in 2009 and was the very first attempt at Pan-European level to use a Public-Private Partnership (PPP) to address cross-border Security and Resilience concerns in the…
Cloud Security Guide for SMEs
This guide wants to assist SMEs understand the security risks and opportunities they should take into account when procuring cloud services. This document includes a set of security risk, a set of security opportunities and a list of security…
Guideline on Security measures for Article 4 and Article 13a
The Technical Guideline on Security Measures for Article 4 and Article 13a gives guidance to national competent authorities about the supervision of security measures in Article 13a of the Framework Directive (2009/140/EC) and Article 4 of the e-…
Auditing Framework for TSPs
This report provides an overview of the dedicated means of auditing for TSPs. It discusses specifically the following areas: standards applicable to TSPs and Conformity Assessment Bodies (auditors), methodology of auditing TSPs (off- and on-site),…