ENISA continuously enhances Europe's cybersecurity resilience by publishing comprehensive assessments of the cyber threat landscape. The Agency's flagship annual ENISA Threat Landscape (ETL) report combines strategic and technical elements, catering to both technical and non-technical audiences. It provides a broad view of cybersecurity status, mapping the most prevalent threats and trends, and discussing each threat, attack technique, notable incident, and trend along with proposed mitigation measures and strategies.
The ETL is based on information from open sources, mainly of a strategic nature and on ENISA’s own Cyber Threat Intelligence (CTI) capabilities. It covers more than one sector, technology and context. The report aims to be industry and vendor agnostic. It cites the work of various security researchers, security blogs and news media articles throughout the text in multiple footnotes to validate findings and statements. The time span of the ETL report is July to June of each annual year.
Over time, the ETL has become a crucial tool for understanding the EU's cybersecurity state, offering insights to guide decisions and to help prioritise actions and recommendations.
According to the latest ETL report, seven prime cybersecurity threats have been identified: threats against availability, ransomware, threats against data, malware, social engineering, information manipulation and interference, and supply chain attacks. Trends include zero-day exploits, complex DDoS attacks, expanding hacktivism around major events, AI-enabled disinformation and deepfakes, and ongoing regional conflicts shaping the cybersecurity landscape. ENISA uses the CTL methodology to establish a baseline for the transparent, systematic delivery of cybersecurity threat landscapes. This promotes transparency and consistency, supporting risk mitigation, situational awareness, and proactive responses to future challenges. Sectorial threat landscapes are also regularly explored by ENISA. These sectorial reports focus on threats and trends across vertical sectors and include targeted analyses on technical threat landscapes to reinforce the cybersecurity posture of those sectors according to their specific characteristics.
In line with the ENISA’s strategic objective, “Foresight on Emerging and Future Cybersecurity Opportunities and Challenges”, the Agency seeks to increase awareness of future threats and countermeasures amongst EU Member States and European Union Institutions, Bodies and Agencies (EUIBAs) stakeholders.
To achieve this goal, ENISA has developed its own cybersecurity foresight methodological framework created in collaboration with the Ad-Hoc Working Group and grounded in foresight research and future studies.
The 2024 edition of the Foresight 2030 report concludes in the following top ten list of emerging cybersecurity threats to have an impact by 2030:
- Supply Chain Compromise of Software Dependencies;
- Skill Shortage;
- Human Error and Exploited Legacy Systems Within Cyber-Physical Ecosystem;
- Exploitation of Unpatched and Out-of-date Systems within the Overwhelmed Cross-sector Tech Ecosystem [New in Top Ten];
- Rise of Digital Surveillance Authoritarianism / Loss of Privacy;
- Cross-border ICT Service Providers as a Single Point of Failure;
- Advanced Disinformation / Influence Operations (IO) Campaign;
- Rise of Advanced Hybrid Threats;
- Abuse of AI;
- Physical Impact of Natural/Environmental Disruptions on Critical Digital Infrastructure [New in Top Ten].
Besides, ENISA has been organising the ‘ThreatHunt 2030’ conference since 2022. This is the first conference on cybersecurity foresight in Europe, attracting hundreds of experts across the EU. For more information, please contact the ENISA foresight team.
