Publications

Featured publications

2024 Report on the State of the Cybersecurity in the Union

Download

This document marks the first report on the state of cybersecurity in the Union, adopted by ENISA in cooperation with the NIS Cooperation Group and the European Commission, in accordance with Article 18 of the Directive (EU) 2022/2555 (…

ENISA Threat Landscape 2024

Download

ENISA Threat Landscape (ETL) report is an annual report on the status of the cybersecurity threat landscape that identifies prime threats, major trends observed with respect to threats, threat actors and attack techniques, and also describes…

Best Practices for Cyber Crisis Management

Download

This study highlights the complexities behind the notion of cyber crisis and the degree of subjectivity it involves. The elevation of a large-scale cyber incident into a cyber crisis relies predominantly on a political decision, and depends…

All publications

By topics

By type

Publish Date

Guidelines on assessing DSP security and OES compliance with the NISD security requirements

This report presents the steps of an information security audit process for the OES compliance, as well as of a self-assessment/ management framework for the DSP security against the security requirements set by the NIS Directive. In addition, it…
National / EU authoritiesPrivate Sector
signalling security in telecom ss7 diameter 5g

Signalling Security in Telecom SS7/Diameter/5G

The present study has deep dived into a critical area within electronic communications, the security of interconnections in electronic communications (signalling security). Based on the analysis, at this moment there is a medium to high level of…
Private Sector

A tool on Privacy Enhancing Technologies (PETs) knowledge management and maturity assessment

This report accompanies the second release of the PETs assessment tool and provides a brief overview of its main functionalities, as well as its challenges and proposed dissemination activities for further enhancement and adoption.
Private Sector

Handbook on Security of Personal Data Processing

The overall scope of the report is to provide practical demonstrations and interpretation of the methodological steps of the ENISA’s 2016 guidelines for SMEs on the security of personal data processing. This is performed through specific use cases…
Private Sector

Privacy and data protection in mobile applications

The scope of the report is to provide a meta-study on privacy and data protection in mobile apps by analysing the features of the app development environment that impact privacy and security, as well as defining relevant best-practices, open issues…
Private Sector

Online Tracking and User Protection Mechanisms

ENISA decided to provide a study on online tracking and relevant user protection mechanisms, paying particular attention to user consent, privacy settings and the implementation of the Do-Not-Track (DNT) standard.
CitizensPrivate Sector

Mapping of OES Security Requirements to Specific Sectors

The current report provides a substantial and comprehensive mapping of the security requirements for OES, as they have been agreed in the NISD Cooperation Group, to sector specific information security standards. ENISA conducted desktop research on…
Private Sector

eIDAS: Overview on the implementation and uptake of Trust Services

In the context of the eIDAS Regulation, ENISA conducted a study to present an overview of the implementation and uptake of Trust Services defined in the eIDAS Regulation one year after adoption to the new regime, and analyse the new opportunities…
Private Sector
annual privacy forum 2017

Annual Privacy Forum 2017

ENISA's Annual Privacy Forum 2017 encouraged dialogue with panel discussions and provided room for exchange of ideas in between scientific sessions. The two-day conference was well attended by more than 100 participants in addition to more than 70…
National / EU authoritiesPrivate Sector

QWACs Plugin

Proof of concept browser plugin to support the two-step verification of qualified certificates for web-site authentication
Private Sector