Publications

Featured publications

ENISA NIS360

This edition of the ENISA NIS360 report is the third to assess the cybersecurity maturity and criticality of all sectors of high criticality as identified under Annex I of the NIS2 directive. The assessment covers the entire ecosystem of a sector…

NIS Investments 2025

The annual NIS Investments report presents the findings of a study conducted by ENISA to explore how cybersecurity policy translates in practice across organisations in the EU and its effects on their investments, resources, and operations.

NIS2 Technical Implementation Guidance

This report provides technical guidance to support the implementation of the NIS2 Directive for several types of entities in the NIS2 digital infrastructure, ICT service management and digital providers sectors. The cybersecurity requirements for…

All publications

Publish Date

NIS2 Technical Implementation Guidance

This report provides technical guidance to support the implementation of the NIS2 Directive for several types of entities in the NIS2 digital infrastructure, ICT service management and digital providers sectors. The cybersecurity requirements for…

Managed Security Services Market Analysis

This report addresses the market for Managed Security Services (MSS) on both the demand and the supply side. It addresses MSS usage patterns, compliance and skills certification, threats, requirements, incidents and challenges relating to MSS,…

Handbook for Cyber Stress Tests

ENISA developed this handbook as guidance for national or sectorial authorities overseeing cybersecurity and resilience of critical sectors, at the national level, regional or EU level under NIS 2 Directive. It could also be useful for other…

ENISA Space Threat Landscape 2025

The primary objective of this report is to identify and assess the cybersecurity threat landscape for commercial satellites – exploring both existing and emerging challenges for the industry. This is achieved by focusing on cybersecurity aspects…

A Trusted and Cyber Secure Europe - ENISA Strategy

The mission of the European Union Agency for Cybersecurity (ENISA) is to achieve a high common level of cybersecurity across the Union. We aim to be a centre of expertise on cybersecurity, collecting and providing independent, high quality…

ENISA Threat Landscape: Finance Sector

This is the first analysis conducted by the European Union Agency for Cybersecurity (ENISA) of the cyber threat landscape of the European finance sector. From January 2023 to June 2024, the European financial sector faced significant…

ENISA Single Programming Document 2025 - 2027 - Condensed version

The 2025 Work Programme outlines planned activities and objectives aimed at enhancing cybersecurity across the EU.

Public Consultation on Specifications for EUICC Certification under the EUCC scheme

ENISA has published specifications for the evaluation and certification of embedded Universal Integrated Circuit Cards (eUICCs) under the European Common Criteria-based cybersecurity certification scheme (EUCC). Recognising the potential role of…

Cryptographic Products and Services Market Analysis

This report presents an analysis of the cryptography products and services market in the EU as it has evolved from the point of view of the cybersecurity market under the Cybersecurity Act.

ENISA Threat Landscape 2024

ENISA Threat Landscape (ETL) report is an annual report on the status of the cybersecurity threat landscape that identifies prime threats, major trends observed with respect to threats, threat actors and attack techniques, and also describes…