Roadmap for NIS education programmes in Europe
This document continues work from previous activities by suggesting training materials, scenarios and a way forward for implementing the EC roadmap for NIS education in Europe. In doing so, the Agency has recognised the heterogeneous landscape of…
Public Private Partnerships in Network and Information Security Education
This report focuses on the brokerage of best practices between the public and private sectors aimed at all members of the Network and Information Security Education community in Europe. ENISA is committed to taking the lead in encouraging the…
Flash Note: The BASH Shellshock Bug
Last week a serious, remotely exploitable vulnerability was discovered in the widely deployed Bourne Again Shell (BASH). The technical background is analysed by ENISA in a new flash note.
Annual Incident Reports 2013
The Annual Incidents report 2013 provides an aggregated analysis of the security incidents in 2013 which caused severe outages. Most incidents reported to regulators and ENISA involved mobile internet and mobile telephony connections.
Flash Note: Heartbleed - A wake-up call
Last week the entire web discovered the existence of the so called “Heartbleed” vulnerability affecting one of the most popular mechanisms used to secure communication with web sites: OpenSSL.
The underlying problem is a programming error with…
Flash Note: Large scale UDP attacks - the 2014 trend and how to face it
Recent news show the increase of large scale attacks exploiting specific vulnerabilities of the Internet core protocols. In the latest cases, the Network Time Protocol (NTP), which allows synchronizing devices to the coordinated universal time (UTC…
Brokerage model for Network and Information Security in Education
By publishing the Brokerage model for Network & Information Security (NIS) in Education report, we aim to provide content and promote digital education on network and information security at all levels. The target group is composed of educators…
Flash note: Risks of using discontinued software
ENISA warns about the risks of using discontinued software, not only because of the lack of support from the manufacturer, but also from third parties, like manufacturers of anti-malware or other kind of software, or computer peripherals. This will…
Recommendations for a methodology of the assessment of severity of personal data breaches
The European Union Agency for Network and Information Security (ENISA) reviewed the existing measures and the procedures in EU Member States with regard to personal data breaches and published in 2011 a study on the technical implementation of the…
eID Authentication methods in e-Finance and e-Payment services - Current practices and Recommendations
This report collects the results of a survey launched by ENISA (European Network and Information Security Agency). The main purpose of the survey has been to collect information about the electronic IDentity and Authentication Systems (eIDAS) used…