The annual NIS Investments report presents the findings of a study conducted by ENISA to explore how cybersecurity policy translates in practice across organisations in the EU and its effects on their investments, resources, and operations.
…
Through a more threat-centric approach and further contextual analysis, this latest edition of the ENISA Threat Landscape analyses 4875 incidents over a period spanning from 1 July 2024 to 30 June 2025. At its core, this report provides an…
This report provides technical guidance to support the implementation of the NIS2 Directive for several types of entities in the NIS2 digital infrastructure, ICT service management and digital providers sectors. The cybersecurity requirements for…
By establishing the ENISA Cybersecurity Threat Landscape (CTL) methodology, the Agency aims to set a baseline for the transparent and systematic delivery of horizontal, thematic, and sectorial cybersecurity threat landscapes. The following threat…
This document offers a forward-looking perspective on some of these challenges and opportunities. It recognises the importance of key structural trends with major implications for the EU's digital ambitions to 2030 and beyond.
This report analyses information and presents an overview of coordinated vulnerability disclosure (CVD) policies at the national level within the EU. Aside from offering a comprehensive overview of the EU CVD state of play, it also provides high-…
This report analyses demand and supply of IoT cybersecurity in distribution grids. It provides detailed indications on how this market might further develop in the future. The conclusions provided in the report are related to the envisaged scope…
This document is the cornerstone of ENISA activities in analysing the EU cybersecurity market: it presents a cybersecurity market analysis framework as a “cookbook” on how EU cybersecurity market analyses can be performed.
This report aims to identify the skills, exercises and training needed to ensure that the information exchange among the European information sharing and analysis centres (ISACs) is effective and efficient.
The purpose of this document is to provide a coherent overview of published standards that address aspects of risk management and subsequently describe methodologies and tools that can be used to conform with or implement these standards.
In this paper, we aim to give guidance to national Authorities and providers of electronic communications networks and services regarding how to strike the right balance and carry out efficient and effective outreach to users about cyber threats…
The purpose of this report is to further explore and support the cooperation between computer security incident response teams (CSIRTs), in particular national and governmental CSIRTs, and Law enforcement agencies (LEAs) and their interactions…
This training material is an updated version of the training material Aspects of Cooperation between CSIRT and LE - Handbook, Document for trainers3, that was developed based particularly on the ENISA 2020 Report on CSIRT-LE Cooperation.
Stay updated with ENISA! Sign up for email alerts on publications, events, vacancies, and more.
