The NIS360 is a new ENISA product that assesses the maturity and criticality of sectors of high criticality under the NIS2 Directive, providing both a comparative overview and a more in-depth analysis of each sector. The NIS360 is designed to…
NIS Investments 2024
This report aims at providing policy makers with evidence to assess the effectiveness of the existing EU cybersecurity framework specifically through data on how the NIS Directive has influenced cybersecurity investments and overall maturity of…
NIS in Education
ENISA's report on Network Information Security (NIS) in Education comes at a time when education and ITC are interrelated and interconnected more than ever. The challenge for the digitally active citizen is to stay informed of the news coming from…
NIS Investments 2022
This report marks the third iteration of ENISA's NIS Investments report, which collects data on how Operators of Essential Services (OES) and Digital Service Providers (DSP) identified in the European Union’s directive on security of network and…
NIS Investments Report 2020
Four years after the NIS Directive entered into force and two years after the transposition by Member States into their national laws, this report presents the findings of a survey of 251 organisations across five EU Member States (France, Germany,…
Gaps in NIS standardisation - Recommendations for improving NIS in EU standardisation policy
This report recommends that the European Commission, with the support of the Member States, pursuant to the NIS Directive, adopt a standards based framework for the exchange of threat and defensive measure information that impacts the functioning of…
NIS Investments Report 2021
Following the 2020 NIS Investment publication, this report covers all 27 EU Member States and offering additional insights into the allocation of NIS budgets of OES/DSP, the economic impact of cybersecurity incidents and the organisation of…
NIS Investments Report 2023
This report aims at providing policy makers with evidence to assess the effectiveness of the existing EU cybersecurity framework specifically through data on how Operators of Essential Services (OES) and Digital Service Providers (DSP) identified in…
NIS Directive and national CSIRTs
This is an informative note on what provisions of the upcoming NIS Directive might mean for CSIRTs. It contains references to parts of the Directive, and some comments and proposals from our side. By no means we consider this document fix or final,…
Roadmap for NIS education programmes in Europe
This document continues work from previous activities by suggesting training materials, scenarios and a way forward for implementing the EC roadmap for NIS education in Europe. In doing so, the Agency has recognised the heterogeneous landscape of…