Publications

Featured publications

ENISA Threat Landscape 2025

Download

Through a more threat-centric approach and further contextual analysis, this latest edition of the ENISA Threat Landscape analyses 4875 incidents over a period spanning from 1 July 2024 to 30 June 2025. At its core, this report provides an…

NIS2 Technical Implementation Guidance

Download

This report provides technical guidance to support the implementation of the NIS2 Directive for several types of entities in the NIS2 digital infrastructure, ICT service management and digital providers sectors. The…

ENISA NIS360 2024

Download

The NIS360 is a new ENISA product that assesses the maturity and criticality of sectors of high criticality under the NIS2 Directive, providing both a comparative overview and a more in-depth analysis of each sector. The NIS360 is designed to…

All publications

By topics

By type

Publish Date

NIS Investments Report 2020

Four years after the NIS Directive entered into force and two years after the transposition by Member States into their national laws, this report presents the findings of a survey of 251 organisations across five EU Member States (France, Germany,…
National / EU authorities

How to set up CSIRT and SOC

This publication provides results-driven guidance for those who are interested in establishing a computer security incident response team (CSIRT) or security operations centre (SOC), and guidance on possible improvements for different types of…
National / EU authoritiesPrivate Sector

Sectoral CSIRT Capabilities - Energy and Air Transport

This study provides a continuation of work on Sectoral IRC at European level following the publication of the 2019 “EU Member States incident response development status report”. The report focuses on trends in Energy and Air Transport Incident…
National / EU authoritiesPrivate Sector

National Capabilities Assessment Framework

This report presents the work performed by ENISA to build a National Capabilities Assessment Framework (NCAF). The framework aims at providing Member States with a self-assessment of their level of maturity by assessing their NCSS objectives,…

National / EU authorities

Telecom Security During a Pandemic

The COVID-19 pandemic not only highlighted the importance of electronic communication networks and services for the EU’s society and economy, but it also triggered major changes and challenges in their use in the EU and worldwide. In this paper, we…
Private Sector

Cybersecurity Stocktaking in the CAM

In this document, the CAM ecosystem and insights involving stakeholder interactions, critical services and infrastructures, standards, as well as security measures are described. The insights gained from the survey, interviews, and desk research…
Private Sector

Railway Cybersecurity

This ENISA study regards the level of implementation of cybersecurity measures in the railway sector, within the context of the enforcement of the NIS Directive in each European Member State. It presents a thorough list of essential railway…
Private Sector

Guidelines for Securing the Internet of Things

This ENISA study defines guidelines for securing the supply chain for IoT. ENISA with the input of IoT experts created security guidelines for the whole lifespan: from requirements and design, to end use delivery and maintenance, as well as…
Private Sector

ENISA Threat Landscape 2020 - Cyber threat intelligence overview

The report assesses the state-of-play of cyber threat intelligence (CTI) as a dynamic cybersecurity domain. This analysis aims to indicate the main trends in the expeditious development of CTI by providing relevant references and summarizing the…

National / EU authoritiesPrivate Sector

ENISA Threat Landscape - Emerging trends

With the start of a new decade, significant changes can be expected in the way we perceive and understand cybersecurity or the security of cyberspace. The report lists relevant cybersecurity challenges and the top five trends with cyberthreats.…

National / EU authoritiesPrivate Sector