Image
This report provides technical guidance to support the implementation of the NIS2 Directive for several types of entities in the NIS2 digital infrastructure, ICT service management and digital providers sectors. The…
Featured publications
ENISA NIS360 2024
The NIS360 is a new ENISA product that assesses the maturity and criticality of sectors of high criticality under the NIS2 Directive, providing both a comparative overview and a more in-depth analysis of each sector. The NIS360 is designed to…
2024 Report on the State of the Cybersecurity in the Union
This document marks the first report on the state of cybersecurity in the Union, adopted by ENISA in cooperation with the NIS Cooperation Group and the European Commission, in accordance with Article 18 of the Directive (EU) 2022/2555 (…
All publications
Cyber Insurance - Models and methods and the use of AI
The main objective of this report is to introduce cyber risk and cyber insurance, provide an overview of existing research and modelling approaches, and identify gaps for upcoming research projects.
Multilayer Framework for Good Cybersecurity Practices for AI
In this report, we present a scalable framework to guide NCAs and AI stakeholders on the steps they need to follow to secure their AI systems, operations and processes by using existing knowledge and best practices and identifying missing elements.…
Cybersecurity and privacy in AI - Forecasting demand on electricity grids
This report allows better assessment of the reality that artificial intelligence brings its own set of threats, which consequently insists on the search for new security measures to counter them. Finally, it should be noted that this guide strongly…
Cybersecurity and privacy in AI - Medical imaging diagnosis
This report allows better assessment of the reality that artificial intelligence brings its own set of threats, which consequently insists on the search for new security measures to counter them. Finally, it should be noted that this guide strongly…
Artificial Intelligence and Cybersecurity Research
The aim of this study is to identify needs for research on AI for cybersecurity and on securing AI, as part of ENISA’s work in fulfilling its mandate under Article 11 of the Cybersecurity Act . This report is one of the outputs of this task. In it…
Cybersecurity of AI and Standardisation
The overall objective of the present document is to provide an overview of standards (existing, being drafted, under consideration and planned) related to the cybersecurity of artificial intelligence (AI), assess their coverage and identify gaps in…
Interoperable EU Risk Management Toolbox
This document presents the EU RM toolbox, a solution proposed by ENISA to address interoperability concerns related to the use of information security RM methods. The toolbox aims to facilitate the smooth integration of various RM methods in an…
Interoperable EU Risk Management Framework
This report proposes a methodology for assessing the potential interoperability of risk management (RM) frameworks and methodologies and presents related results. The methodology used to evaluate interoperability stemmed from extensive research of…
Risk Management Standards
The purpose of this document is to provide a coherent overview of published standards that address aspects of risk management and subsequently describe methodologies and tools that can be used to conform with or implement these standards.
Compendium of Risk Management Frameworks with Potential Interoperability
This report presents the results of desktop research and the analysis of currently used
cybersecurity Risk Management (RM) frameworks and methodologies with the potential
for interoperability. The identification of the most prominent RM frameworks…