For more than a decade, ENISA has been directly supporting EU Member States in developing and implementing guidelines for their respective national cybersecurity strategies towards building trust, resilience and sufficient levels of transparency.
With ENISA’s contribution all EU Member States have implemented a concrete national cybersecurity strategy since 2017, and many have since then updated their strategies.
In 2020, ENISA developed a framework to help the Member States understand their level of maturity by assessing their National Cybersecurity Strategies (NCSSs) objectives, that will enable them to enhance and build cybersecurity capabilities both at a strategic and at an operational level. The National Cybersecurity Assessment Framework is divided into four clusters: cybersecurity governance and standards, capacity building and awareness, legal and regulatory, and cooperation.
Following the provisions of the NIS 2 Directive, all EU Member States are now required` to develop and adopt a national cybersecurity strategy (NCSS).
Among ENISA’s work on NCSS are a series of guidelines and tools that can be found under National Cybersecurity Strategies Guidelines & tools, as well as the ENISA National Cybersecurity Strategies (NCSSs) Map, listing all the documents of National Cybersecurity Strategies in the EU together with their strategic objectives and good examples of implementation.
