Publications

Featured publications

2024 Report on the State of the Cybersecurity in the Union

Download

This document marks the first report on the state of cybersecurity in the Union, adopted by ENISA in cooperation with the NIS Cooperation Group and the European Commission, in accordance with Article 18 of the Directive (EU) 2022/2555 (…

ENISA Threat Landscape 2024

Download

Seven prime cybersecurity threats were identified in 2024, with threats against availability topping the chart and followed by ransomware and threats against data, and the report provides a relevant deep-dive on each one of them by analysing…

Best Practices for Cyber Crisis Management

Download

This study highlights the complexities behind the notion of cyber crisis and the degree of subjectivity it involves. The elevation of a large-scale cyber incident into a cyber crisis relies predominantly on a political decision, and depends…

All publications

By topics

By type

Publish Date

CSIRT Capabilities in Healthcare Sector

An attack directed at a critical infrastructure, such as a hospital, can lead to physical damages and put the lives of patients at risk. Therefore, there is a need for solid Incident Response Capabilities (IRC) in the health sector, in particular…
National / EU authoritiesPrivate Sector

Methodology for Sectoral Cybersecurity Assessments

The methodology for sectoral cybersecurity assessments described in this document (called SCSA Methodology) addresses objectives in the context of ICT security for sectoral multi-stakeholder systems and drafting sectoral cybersecurity certification…
Private Sector

Cybersecurity Certification: Candidate EUCC Scheme V1.1.1

Following the request from the European Commission in accordance with Article 48.2 of the Cybersecurity Act, ENISA has set up an Ad Hoc Working Group to support the preparation of a candidate EU cybersecurity certification scheme as a successor to…
National / EU authoritiesPrivate Sector

2020 Report on CSIRT-LE Cooperation: study of roles and synergies among selected countries

The purpose of this report is to further explore and support the cooperation between computer security incident response teams (CSIRTs), in particular national and governmental (n/g) CSIRTs, and law enforcement agencies (LEAs) and their…

National / EU authorities

How to set up CSIRT and SOC

This publication provides results-driven guidance for those who are interested in establishing a computer security incident response team (CSIRT) or security operations centre (SOC), and guidance on possible improvements for different types of…
National / EU authoritiesPrivate Sector

Cybersecurity Certification: Candidate EUCC Scheme

Following the request from the European Commission in accordance with Article 48.2 of the Cybersecurity Act, ENISA has set up an Ad Hoc Working Group to support the preparation of a candidate EU cybersecurity certification scheme as a successor to…
National / EU authoritiesPrivate Sector

Proactive detection - Good practices gap analysis recommendations

The current project aims to provide a complete inventory of all available methods, tools, activities and information sources for proactive detection of network security incidents, which are used already or potentially could be used by incident…
National / EU authoritiesPrivate Sector

Proactive detection – Measures and information sources

The current project aims to provide a complete inventory of all available methods, tools, activities and information sources for proactive detection of network security incidents, which are used already or potentially could be used by incident…
National / EU authoritiesPrivate Sector

Proactive detection – Survey results

The current project aims to provide a complete inventory of all available methods, tools, activities and information sources for proactive detection of network security incidents, which are used already or potentially could be used by incident…
National / EU authoritiesPrivate Sector

An overview on enhancing technical cooperation between CSIRTs and LE

This report aims to support the cooperation between CSIRTs - in particular, national and governmental CSIRTs, LEAs and the Judiciary – in particular, prosecutors and judges, in their fight against cybercrime, by providing information on the…
National / EU authorities