Publications

Featured publications

2024 Report on the State of the Cybersecurity in the Union

Download

This document marks the first report on the state of cybersecurity in the Union, adopted by ENISA in cooperation with the NIS Cooperation Group and the European Commission, in accordance with Article 18 of the Directive (EU) 2022/2555 (…

ENISA Threat Landscape 2024

Download

ENISA Threat Landscape (ETL) report is an annual report on the status of the cybersecurity threat landscape that identifies prime threats, major trends observed with respect to threats, threat actors and attack techniques, and also describes…

Best Practices for Cyber Crisis Management

Download

This study highlights the complexities behind the notion of cyber crisis and the degree of subjectivity it involves. The elevation of a large-scale cyber incident into a cyber crisis relies predominantly on a political decision, and depends…

All publications

By topics

By type

Publish Date

Procurement Guidelines for Cybersecurity in Hospitals

As cybersecurity becomes more of a priority for hospitals, it is essential that it is integrated holistically in the different processes, components and stages influencing the healthcare ICT ecosystem. Procurement is a key process shaping the ICT…

Private Sector

ECSC 2019 Analysis Report

This report contains the following key observations were made by independent third-party observers on the ECSC 2019 organisation. These observations have been produced based on the feedback collected from participants, members of the ECSC Jury,…
National / EU authorities

Port Cybersecurity - Good practices for cybersecurity in the maritime sector

Developed in collaboration with several EU ports, this report intends to provide a useful foundation on which CIOs and CISOs of entities involved in the port ecosystem, especially port authorities and terminal operators, can build their…
Private Sector

ENISA good practices for security of Smart Cars

This report defines good practices for security of smart cars, namely connected and (semi-) autonomous vehicles, providing added-value features in order to enhance car users’ experience and improve car safety. Taking stock of all existing…
Private Sector

7 Steps to shore up the Border Gateway Protocol (BGP)

In this paper ENISA highlights the security vulnerabilities of BGP and explains why it is so important to address them. Working closely with experts from industry ENISA derived a shortlist of 7 basic BGP security measures which are industry good…
Private Sector

EUELEx19_AAR

On April 5th, the European Parliament, the European Commission and the EU Agency for cybersecurity (ENISA) in close cooperation with the EU Member States organised an exercise to test the EU's response to and crisis plans for potential…

National / EU authorities

Cybersecurity Culture Guidelines: 'Technical Annex: Evidence Reviews'

This technical annex contains the four reviews that supported the writing of the report Review of “Behavioural Sciences Research in the Field of Cybersecurity”. The reviews are: 1. Measurement of cyber security attitudes and behaviours, 2.…
Private Sector

ECSC 2018 Analysis Report

The 5th Edition of the European Cyber Security Challenge, ECSC2018 was hosted in London during 14th to 17th October. The event was organised by the Cyber Security Challenge UK at the Tobacco Dock, an iconic grade one listed building which has a rich…
National / EU authorities

ICT security certification opportunities in the healthcare sector

The scope of this report covers functional requirements for a potential ICT security certification scheme for a widely understood healthcare sector.
Private Sector

Good practices on the implementation of regulatory technical standards

MS approaches on PSD 2 implementation: commonalities in risk management and incident reporting - The main objective of this study is to identify the differences introduced by Member States in the implementation of the PSD2. In particular, the aim is…
Private Sector