Image
This report provides technical guidance to support the implementation of the NIS2 Directive for several types of entities in the NIS2 digital infrastructure, ICT service management and digital providers sectors. The…
Featured publications
ENISA NIS360 2024
The NIS360 is a new ENISA product that assesses the maturity and criticality of sectors of high criticality under the NIS2 Directive, providing both a comparative overview and a more in-depth analysis of each sector. The NIS360 is designed to…
2024 Report on the State of the Cybersecurity in the Union
This document marks the first report on the state of cybersecurity in the Union, adopted by ENISA in cooperation with the NIS Cooperation Group and the European Commission, in accordance with Article 18 of the Directive (EU) 2022/2555 (…
All publications
Managed Security Services Market Analysis
This report addresses the market for Managed Security Services (MSS) on both the demand and the supply side. It addresses MSS usage patterns, compliance and skills certification, threats, requirements, incidents and challenges…
European Cybersecurity Month 2023 - Campaign report
European Cybersecurity Month (ECSM) 2023 took a different approach than in 2022. ENISA decided to take cybersecurity awareness to a different level, transforming the original ECSM campaign, which used to take place only during October, into a…
Cyber Resilience Act Requirements Standards Mapping - Joint Research Centre & ENISA Joint Analysis
To facilitate adoption of the CRA provisions, these requirements need to be translated into the form of harmonised standards, with which manufacturers can comply. In support of the standardisation effort, this study attempt to identify the most…
European Cybersecurity Month 2022 Campaign Report
The campaign was coupled with the commemoration of the ECSM 10th anniversary in 2022 and focused on two of the most prominent threats:
1. Phishing: so that users may detect and react to the most common attack against individuals.
2. Ransomware: so…
Cybersecurity of AI and Standardisation
The overall objective of the present document is to provide an overview of standards (existing, being drafted, under consideration and planned) related to the cybersecurity of artificial intelligence (AI), assess their coverage and identify gaps in…
European Cybersecurity Month 2021 - Deployment report
The deployment report of the European Cybersecurity Month (ECSM) for 2021, summarises the activities introduced towards reducing cyber incidents. It evaluates the campaign of last year and provides insights for the future.
5G Cybersecurity Standards
This report outlines the contribution of standardisation to the mitigation of technical risks, and therefore to trust and resilience, in the 5G ecosystem. This report focuses on standardisation from a technical and organisational perspective.
Boosting your Organisation's Cyber Resilience - Joint Publication
ENISA and CERT-EU strongly encourage all public and private sector organisations in the EU to adopt a minimum set of cybersecurity best practices.
Raising Awareness of Cybersecurity
This report seeks to assist EU Member States in further building their cybersecurity capacities by analysing best practices on raising citizens’ awareness of cybersecurity. We have collected information and evaluated the intensity, regularity and…
Methodology for Sectoral Cybersecurity Assessments
The methodology for sectoral cybersecurity assessments described in this document (called SCSA Methodology) addresses objectives in the context of ICT security for sectoral multi-stakeholder systems and drafting sectoral cybersecurity certification…