Seven prime cybersecurity threats were identified in 2024, with threats against availability topping the chart and followed by ransomware and threats against data, and the report provides a relevant deep-dive on each one of them by analysing…
Featured publications
Foresight Cybersecurity Threats For 2030 - Update 2024: Executive Summary
This is the executive summary of the second iteration of The “ENISA Foresight Cybersecurity Threats for 2030” study that represents a comprehensive analysis and assessment of emerging cybersecurity threats projected for the year 2030. The report…
Best Practices for Cyber Crisis Management
This study highlights the complexities behind the notion of cyber crisis and the degree of subjectivity it involves. The elevation of a large-scale cyber incident into a cyber crisis relies predominantly on a political decision, and depends…
All publications
2024 Report on the State of the Cybersecurity in the Union
This document marks the first report on the state of cybersecurity in the Union, adopted by ENISA in cooperation with the NIS Cooperation Group and the European Commission, in accordance with Article 18 of the Directive (EU) 2022/2555 (…
NIS Investments 2024
This report aims at providing policy makers with evidence to assess the effectiveness of the existing EU cybersecurity framework specifically through data on how the NIS Directive has influenced cybersecurity investments and overall maturity of…
Public Consultation on Specifications for EUICC Certification under the EUCC scheme
ENISA has published specifications for the evaluation and certification of embedded Universal Integrated Circuit Cards (eUICCs) under the European Common Criteria-based cybersecurity certification scheme (EUCC). Recognising the potential role of…
Implementation guidance on NIS 2 security measures - Draft for Consultation
The draft of the technical guidance aiming to support entities in scope of Commission Implementing Regulation (EU) 2024/2690 of 17 October 2024 to implement the technical and methodological requirements of the measures referred to in Article 21(2…
Cryptographic Products and Services Market Analysis
This report presents an analysis of the cryptography products and services market in the EU as it has evolved from the point of view of the cybersecurity market under the Cybersecurity Act.
ENISA Threat Landscape 2024
Seven prime cybersecurity threats were identified in 2024, with threats against availability topping the chart and followed by ransomware and threats against data, and the report provides a relevant deep-dive on each one of them by analysing…
European Cybersecurity Month 2023 - Campaign report
European Cybersecurity Month (ECSM) 2023 took a different approach than in 2022. ENISA decided to take cybersecurity awareness to a different level, transforming the original ECSM campaign, which used to take place only during October, into a…
ENISA Consolidated Annual Activity Report 2023
This publication presents the annual activity report of ENISA for 2023. The report is based on the 2023 work programme as approved by the agency's Management Board.
Cybersecurity Education Maturity Assessment
This ENISA study aims to develop a maturity assessment model to evaluate each MS's cybersecurity education level in primary and secondary schools and to provide a comprehensive overview of the EU. Additionally, ENISA seeks to collect and share…
Foresight Cybersecurity Threats For 2030 - Update 2024: Extended report
This is the second iteration of the “ENISA Foresight Cybersecurity Threats for 2030” study that represents a comprehensive analysis and assessment of emerging cybersecurity threats projected for the year 2030. The report reassesses the previously…
Pagination