Publications

Featured publications

2024 Report on the State of the Cybersecurity in the Union

Download

This document marks the first report on the state of cybersecurity in the Union, adopted by ENISA in cooperation with the NIS Cooperation Group and the European Commission, in accordance with Article 18 of the Directive (EU) 2022/2555 (…

ENISA Threat Landscape 2024

Download

Seven prime cybersecurity threats were identified in 2024, with threats against availability topping the chart and followed by ransomware and threats against data, and the report provides a relevant deep-dive on each one of them by analysing…

Best Practices for Cyber Crisis Management

Download

This study highlights the complexities behind the notion of cyber crisis and the degree of subjectivity it involves. The elevation of a large-scale cyber incident into a cyber crisis relies predominantly on a political decision, and depends…

All publications

By topics

By type

Publish Date
Public_Consultation_on_Specifications_for_EUICC_Certification.png

Public Consultation on Specifications for EUICC Certification under the EUCC scheme

ENISA has published specifications for the evaluation and certification of embedded Universal Integrated Circuit Cards (eUICCs) under the European Common Criteria-based cybersecurity certification scheme (EUCC). Recognising the potential role of…

National / EU authoritiesPrivate Sector
European_Cybersecurity_Month_2023-Campaign_report.png

European Cybersecurity Month 2023 - Campaign report

European Cybersecurity Month (ECSM) 2023 took a different approach than in 2022. ENISA decided to take cybersecurity awareness to a different level, transforming the original ECSM campaign, which used to take place only during October, into a…

Private Sector
Cyber_Resilience_Act_Requirements_Standards_Mapping.png

Cyber Resilience Act Requirements Standards Mapping - Joint Research Centre & ENISA Joint Analysis

To facilitate adoption of the CRA provisions, these requirements need to be translated into the form of harmonised standards, with which manufacturers can comply. In support of the standardisation effort, this study attempt to identify the most…

Private Sector

Market of Cybersecurity Assessments

This Report aims at presenting the current state of play of cybersecurity assessments of ICT products and cloud services. In order to study the dynamic of the related market, the report focuses on the evolution of the number of assessed ICT…
National / EU authorities

European Cybersecurity Month 2022 Campaign Report

The campaign was coupled with the commemoration of the ECSM 10th anniversary in 2022 and focused on two of the most prominent threats: 1. Phishing: so that users may detect and react to the most common attack against individuals. 2. Ransomware: so…
Private Sector

Cybersecurity of AI and Standardisation

The overall objective of the present document is to provide an overview of standards (existing, being drafted, under consideration and planned) related to the cybersecurity of artificial intelligence (AI), assess their coverage and identify gaps in…
National / EU authoritiesPrivate Sector

European Cybersecurity Month 2021 - Deployment report

The deployment report of the European Cybersecurity Month (ECSM) for 2021, summarises the activities introduced towards reducing cyber incidents. It evaluates the campaign of last year and provides insights for the future.
Private Sector

5G Cybersecurity Standards

This report outlines the contribution of standardisation to the mitigation of technical risks, and therefore to trust and resilience, in the 5G ecosystem. This report focuses on standardisation from a technical and organisational perspective.
Private Sector

Boosting your Organisation's Cyber Resilience - Joint Publication

ENISA and CERT-EU strongly encourage all public and private sector organisations in the EU to adopt a minimum set of cybersecurity best practices.
National / EU authoritiesPrivate Sector

Raising Awareness of Cybersecurity

This report seeks to assist EU Member States in further building their cybersecurity capacities by analysing best practices on raising citizens’ awareness of cybersecurity. We have collected information and evaluated the intensity, regularity and…
Private Sector