5G Security Controls Matrix
The ENISA 5G Security controls matrix is a comprehensive and dynamic matrix of security controls and best practices for 5G networks, to support the national authorities in the EU Member States with implementing the technical measures of the EU’s 5G…
Guideline on Security Measures under the EECC
This document, the Technical Guideline for Security Measures, provides guidance to competent authorities about the technical details of implementing Articles 40 and 41 of the EECC: how to ensure that providers assess risks and take appropriate…
Good Practices for Security of IoT - Secure Software Development Lifecycle
This ENISA study introduces good practices for IoT security, with a particular focus on software development guidelines for secure IoT products and services throughout their lifetime. Establishing secure development guidelines across the IoT…
Implementation guidance on NIS 2 security measures - Draft for Consultation
The draft of the technical guidance aiming to support entities in scope of Commission Implementing Regulation (EU) 2024/2690 of 17 October 2024 to implement the technical and methodological requirements of the measures referred to in Article 21(2…
Indispensable baseline security requirements for the procurement of secure ICT products and services
This short paper can be of use to suppliers and procurement officers when planning, offering and purchasing ICT products, systems and services. It is meant as a practical, technologically neutral document with clear, simple and sector-agnostic…
Telecom Security Incidents 2022
The present report provides anonymised and aggregated information about major telecom security incidents that happened in 2022.
Guidelines on assessing DSP security and OES compliance with the NISD security requirements
This report presents the steps of an information security audit process for the OES compliance, as well as of a self-assessment/ management framework for the DSP security against the security requirements set by the NIS Directive. In addition, it…
Cloud Security for Healthcare Services
This study aims to provide Cloud security practices for the healthcare sector and identify security aspects, including relevant data protection aspects, to be taken into account when procuring Cloud services for the healthcare industry. The set of…
Privacy and Security in Personal Data Clouds
The main objective of this study is to identify the different architectures and components of Personal Data Clouds (PDCs) and discuss their privacy and security challenges. Based on an empirical analysis of various applications that fall under, or…
Cloud Security Guide for SMEs
This guide wants to assist SMEs understand the security risks and opportunities they should take into account when procuring cloud services. This document includes a set of security risk, a set of security opportunities and a list of security…