Publications

Featured publications

2024 Report on the State of the Cybersecurity in the Union

Download

This document marks the first report on the state of cybersecurity in the Union, adopted by ENISA in cooperation with the NIS Cooperation Group and the European Commission, in accordance with Article 18 of the Directive (EU) 2022/2555 (…

ENISA Threat Landscape 2024

Download

Seven prime cybersecurity threats were identified in 2024, with threats against availability topping the chart and followed by ransomware and threats against data, and the report provides a relevant deep-dive on each one of them by analysing…

Best Practices for Cyber Crisis Management

Download

This study highlights the complexities behind the notion of cyber crisis and the degree of subjectivity it involves. The elevation of a large-scale cyber incident into a cyber crisis relies predominantly on a political decision, and depends…

All publications

By topics

By type

Publish Date

Security Framework for Trust Service Providers

This document proposes a security framework to achieve compliance with Article 19 of the eIDAS Regulation. As illustrated below, this security framework includes specific guidelines for TSP on: 1) Risk management related to the security of the eIDAS…
Private Sector
security in 5g specifications

Security in 5G Specifications - Controls in 3GPP

The objective of this report is to help MS implementing the technical measure TM02 from the EU toolbox on 5G security. The report is also intended to help national competent and regulatory authorities get a better picture of the standardisation…
National / EU authorities

Crypto Assets: Introduction to Digital Currencies and Distributed Ledger Technologies

This report aims to increase the understanding of blockchain technologies. It aims to explain the underlying technical concepts and how they relate to each other. The goal is to explain the components, and illustrate their use by pointing to…
Private Sector

Data Pseudonymisation: Advanced Techniques and Use Cases

This report, building on the basic pseudonymisation techniques, examines advanced solutions for more complex scenarios that can be based on asymmetric encryption, ring signatures and group pseudonyms, chaining mode, pseudonyms based on multiple…
Private Sector

NIS Investments Report 2020

Four years after the NIS Directive entered into force and two years after the transposition by Member States into their national laws, this report presents the findings of a survey of 251 organisations across five EU Member States (France, Germany,…
National / EU authorities

Sectoral CSIRT Capabilities - Energy and Air Transport

This study provides a continuation of work on Sectoral IRC at European level following the publication of the 2019 “EU Member States incident response development status report”. The report focuses on trends in Energy and Air Transport Incident…
National / EU authoritiesPrivate Sector

National Capabilities Assessment Framework

This report presents the work performed by ENISA to build a National Capabilities Assessment Framework (NCAF). The framework aims at providing Member States with a self-assessment of their level of maturity by assessing their NCSS objectives,…

National / EU authorities
telecom annual incident reporting 2019

Telecom Services Security Incidents 2019 Annual Analysis Report

Security incident reporting has been part of the EU’s telecom regulatory framework since the 2009 reform of the telecom package, Article 13a of the Framework directive (2009/140/EC) came into force in 2011. The incident reporting in Article 13a…
National / EU authorities
trust services security incidents 2019 annual analysis report

Trust Services Security Incidents 2019 Annual Analysis Report

This report gives an aggregated overview of Trust Services Security Incidents in 2019, showing root causes, statistics and trends. It marks the fourth round of security incident reporting for the EU’s trust services sector. The annual summary…
National / EU authorities

eIDAS compliant eID Solutions

This report provides an overview of the legislative framework under eIDAS for electronic identification, presents the landscape of notified and pre-notified eID schemes and identifies key trends in the electronic identification field. Moreover, it…
Private Sector