Publications

Featured publications

2024 Report on the State of the Cybersecurity in the Union

November 29, 2024 Download

This document marks the first report on the state of cybersecurity in the Union, adopted by ENISA in cooperation with the NIS Cooperation Group and the European Commission, in accordance with Article 18 of the Directive (EU) 2022/2555 (…

ENISA Threat Landscape 2024

September 17, 2024 Download

ENISA Threat Landscape (ETL) report is an annual report on the status of the cybersecurity threat landscape that identifies prime threats, major trends observed with respect to threats, threat actors and attack techniques, and also describes…

Best Practices for Cyber Crisis Management

February 27, 2024 Download

This study highlights the complexities behind the notion of cyber crisis and the degree of subjectivity it involves. The elevation of a large-scale cyber incident into a cyber crisis relies predominantly on a political decision, and depends…

All publications

Trust Services Security Incidents 2021

27 July, 2022

This report provides an aggregated overview of the notified breaches for 2021, analysing root causes, statistics and trends. It marks the sixth round of security incident reporting for the EU’s trust services sector. In this round of annual summary…

ENISA Threat Landscape Methodology

6 July, 2022

By establishing the ENISA Cybersecurity Threat Landscape (CTL) methodology, the Agency aims to set a baseline for the transparent and systematic delivery of horizontal, thematic, and sectorial cybersecurity threat landscapes. The following threat…

Coordinated Vulnerability Disclosure Policies in the EU

13 April, 2022

This report analyses information and presents an overview of coordinated vulnerability disclosure (CVD) policies at the national level within the EU. Aside from offering a comprehensive overview of the EU CVD state of play, it also provides high-…

Cyber Threats Outreach In Telecom

10 March, 2022

In this paper, we aim to give guidance to national Authorities and providers of electronic communications networks and services regarding how to strike the right balance and carry out efficient and effective outreach to users about cyber threats.

Foresight Challenges

22 November, 2021

This report aims to highlight the most relevant foresight methods based on ubiquity or suitability to ENISA’s core needs to adequately address future cybersecurity threats and shape a more secure society. In fact, foresight enables reflection on…

NIS Investments Report 2021

17 November, 2021

Following the 2020 NIS Investment publication, this report covers all 27 EU Member States and offering additional insights into the allocation of NIS budgets of OES/DSP, the economic impact of cybersecurity incidents and the organisation of…

ENISA Threat Landscape 2021

27 October, 2021

This is the ninth edition of the ENISA Threat Landscape (ETL) report, an annual report that identifies prime threats, major trends observed with respect to threats, threat actors and attack techniques, and also describes relevant mitigation…

threat andscape for supply chain attacks

Threat Landscape for Supply Chain Attacks

29 July, 2021

This report aims at mapping and studying the supply chain attacks that were discovered from January 2020 to early July 2021. Based on the trends and patterns observed, supply chain attacks increased in number and sophistication in the year 2020 and…

Telecom Security Incidents 2020 - Annual Report

26 July, 2021

Security incident reporting has been part of the EU’s telecom regulatory framework since the 2009 reform of the telecom package: Article 13a of the Framework Directive (2009/140/EC) came into force in 2011. The European Electronic Communications…

trust services security incidents 2020 annual analysis report

Trust Services Security Incidents 2020 - Annual Report