Image
This report provides technical guidance to support the implementation of the NIS2 Directive for several types of entities in the NIS2 digital infrastructure, ICT service management and digital providers sectors. The…
Featured publications
ENISA NIS360 2024
The NIS360 is a new ENISA product that assesses the maturity and criticality of sectors of high criticality under the NIS2 Directive, providing both a comparative overview and a more in-depth analysis of each sector. The NIS360 is designed to…
2024 Report on the State of the Cybersecurity in the Union
This document marks the first report on the state of cybersecurity in the Union, adopted by ENISA in cooperation with the NIS Cooperation Group and the European Commission, in accordance with Article 18 of the Directive (EU) 2022/2555 (…
All publications
Post-Quantum Cryptography - Integration study
With this report ENISA seeks to give insight on post-standardisation challenges. As a follow-up to ENISA’s 2021 Post-Quantum Cryptography: Current state and quantum mitigation study, the new report explores the necessity to design new cryptographic…
European Cybersecurity Skills Framework Role Profiles
The ECSF role profiles document lists the 12 typical cybersecurity professional role profiles along with their identified titles, missions, tasks, skills, knowledge, competences. The main purpose of this framework is to create a common…
European Cybersecurity Skills Framework (ECSF) - User Manual
The ECSF User Manual provides a comprehensive overview of the ECSF’s main scope, framework principles and application opportunities. The primary purpose of the manual is to make the ECSF easily accessible by, understandable for, and usable by all…
ENISA Threat Landscape for Ransomware Attacks
This report aims to bring new insights into the reality of ransomware incidents through mapping and studying ransomware incidents from May 2021 to June 2022. Based on the findings, ransomware has adapted and evolved, becoming more efficient and…
ENISA Threat Landscape Methodology
By establishing the ENISA Cybersecurity Threat Landscape (CTL) methodology, the Agency aims to set a baseline for the transparent and systematic delivery of horizontal, thematic, and sectorial cybersecurity threat landscapes. The following threat…
Coordinated Vulnerability Disclosure Policies in the EU
This report analyses information and presents an overview of coordinated vulnerability disclosure (CVD) policies at the national level within the EU. Aside from offering a comprehensive overview of the EU CVD state of play, it also provides high-…
Cross-Sector Exercise Requirements
This report aims to identify the skills, exercises and training needed to ensure that the information exchange among the European information sharing and analysis centres (ISACs) is effective and efficient.
European Cybersecurity Month 2021 - Deployment report
The deployment report of the European Cybersecurity Month (ECSM) for 2021, summarises the activities introduced towards reducing cyber incidents. It evaluates the campaign of last year and provides insights for the future.
Deploying Pseudonymisation Techniques
Pseudonymisation is increasingly becoming a key security technique for providing a means that can facilitate personal data processing, while offering strong safeguards for the protection of personal data and thereby safeguarding the rights and…
Risk Management Standards
The purpose of this document is to provide a coherent overview of published standards that address aspects of risk management and subsequently describe methodologies and tools that can be used to conform with or implement these standards.