Publications

Featured publications

2024 Report on the State of the Cybersecurity in the Union

Download

This document marks the first report on the state of cybersecurity in the Union, adopted by ENISA in cooperation with the NIS Cooperation Group and the European Commission, in accordance with Article 18 of the Directive (EU) 2022/2555 (…

ENISA Threat Landscape 2024

Download

ENISA Threat Landscape (ETL) report is an annual report on the status of the cybersecurity threat landscape that identifies prime threats, major trends observed with respect to threats, threat actors and attack techniques, and also describes…

Best Practices for Cyber Crisis Management

Download

This study highlights the complexities behind the notion of cyber crisis and the degree of subjectivity it involves. The elevation of a large-scale cyber incident into a cyber crisis relies predominantly on a political decision, and depends…

All publications

By topics

By type

Publish Date

Recommendations for technical implementation of Art.4

In 2011 ENISA has set up an Expert Group composed of representatives of the EU institutions, Art.29 Working Party, national DPAs and industry. This group helped in the development of the specific technical recommendations for the implementation of…

Procure Secure: A guide to monitoring of security service levels in cloud contracts

A practical guide aimed at the procurement and governance of cloud services. This guide provides advice on questions to ask about the monitoring of security. The goal is to improve public sector customer understanding of the security of cloud…

Study on monetising privacy. An economic model for pricing personal information

Do some individuals value their privacy enough to pay a mark-up to an online service provider who protects their information better? How is this related to personalisation of services? This study analyses the monetisation of privacy. ‘Monetizing…

Study on data collection and storage in the EU

Given the clear contrast between the importance of the privacy by design principle on the one hand, and the reality of lax data protection practices with many online service providers on the other hand, the aim of this study is to present an…

NIS in Education

ENISA's report on Network Information Security (NIS) in Education comes at a time when education and ITC are interrelated and interconnected more than ever. The challenge for the digitally active citizen is to stay informed of the news coming from…

Ontology and taxonomies of resilience

Existing standards in the field have so far only addressed resilience indirectly and thus without detailed definition of the taxonomy and thus of the semantics of security. The primary purpose of an ontology and taxonomies defined in this context is…

Technologies with potential to improve the resilience of the Internet infrastructure

In 2011 ENISA performed the review of its studies on resilient technologies from 2008-2010, complementing the findings of the previous years and investigating the deployment status of technologies enhancing resilience. Initial review of supply chain…

Secure Communication with the CERTs & Other Stakeholders

The main objective of the project “Secure Communications with the CERTs and other Stakeholders”, which is one of the ENISA activities related to reinforcing communications between CERTs in the Member States, is the preparation work for a report on…

CERT Operational Gaps and Overlaps

This document analyses the operational gaps and overlaps of national/governmental CERTs and provides some reccomendations. Recommendations made in this report represent the results of the analysis of input gathered from the relevant external…

The Use of Cryptographic Techniques in Europe

With the increased use of e-Government services, the amount of citizens’ sensitive data being transmitted over public networks (e.g. the Internet) and stored within applications that are accessible from anywhere on the Internet has grown…