Publications

Featured publications

2024 Report on the State of the Cybersecurity in the Union

Download

This document marks the first report on the state of cybersecurity in the Union, adopted by ENISA in cooperation with the NIS Cooperation Group and the European Commission, in accordance with Article 18 of the Directive (EU) 2022/2555 (…

ENISA Threat Landscape 2024

Download

Seven prime cybersecurity threats were identified in 2024, with threats against availability topping the chart and followed by ransomware and threats against data, and the report provides a relevant deep-dive on each one of them by analysing…

Best Practices for Cyber Crisis Management

Download

This study highlights the complexities behind the notion of cyber crisis and the degree of subjectivity it involves. The elevation of a large-scale cyber incident into a cyber crisis relies predominantly on a political decision, and depends…

All publications

By topics

By type

Publish Date

Building Effective Governance Frameworks for the Implementation of National Cybersecurity Strategies

This study is focusing on the good practices around the set-up and deployment of a governance framework to support the implementation of the NCSS in the EU. The objective is to systematically review existing governance models relevant to the…

National / EU authorities

Demand Side of Cyber Insurance in the EU

The report analyses current perspectives and challenges of Operator of Essential Services (OESs) related to the acquirement of cyber insurance services. Information and statistics are presented according to the selection, acquisition and use of…
National / EU authoritiesPrivate Sector
foreign information manipulation interference fimi and cybersecurity threat landscape

Foreign Information Manipulation Interference (FIMI) and Cybersecurity - Threat Landscape

The EU Agency for Cybersecurity (ENISA) and the European External Action Service (EEAS) have joined forces to study and analyse the threat landscape concerning Foreign Information Manipulation and Interference (FIMI) and disinformation. A dedicated…
National / EU authoritiesPrivate Sector

NIS Investments 2022

This report marks the third iteration of ENISA's NIS Investments report, which collects data on how Operators of Essential Services (OES) and Digital Service Providers (DSP) identified in the European Union’s directive on security of network and…
National / EU authorities
enisa threat landscape 2022

ENISA Threat Landscape 2022

This is the tenth edition of the ENISA Threat Landscape (ETL) report, an annual report on the status of the cybersecurity threat landscape. It identifies the top threats, major trends observed with respect to threats, threat actors and attack…
National / EU authoritiesPrivate Sector
enisa threat landscape for ransomware attacks

ENISA Threat Landscape for Ransomware Attacks

This report aims to bring new insights into the reality of ransomware incidents through mapping and studying ransomware incidents from May 2021 to June 2022. Based on the findings, ransomware has adapted and evolved, becoming more efficient and…
National / EU authoritiesPrivate Sector

Trust Services Security Incidents 2021

This report provides an aggregated overview of the notified breaches for 2021, analysing root causes, statistics and trends. It marks the sixth round of security incident reporting for the EU’s trust services sector. In this round of annual summary…
National / EU authorities

Telecom Security Incidents 2021

This report provides anonymised and aggregated information about major telecom security incidents in 2021. The 2021 annual summary contains reports of 168 incidents submitted by national authorities from 26 EU Member States (MS) and 2 EFTA countries.
National / EU authorities
enisa threat landscape methodology

ENISA Threat Landscape Methodology

By establishing the ENISA Cybersecurity Threat Landscape (CTL) methodology, the Agency aims to set a baseline for the transparent and systematic delivery of horizontal, thematic, and sectorial cybersecurity threat landscapes. The following threat…
National / EU authoritiesPrivate Sector

Coordinated Vulnerability Disclosure Policies in the EU

This report analyses information and presents an overview of coordinated vulnerability disclosure (CVD) policies at the national level within the EU. Aside from offering a comprehensive overview of the EU CVD state of play, it also provides high-…
National / EU authoritiesPrivate Sector