This edition of the ENISA NIS360 report is the third to assess the cybersecurity maturity and criticality of all sectors of high criticality as identified under Annex I of the NIS2 directive. The assessment covers the entire ecosystem of a sector…
The annual NIS Investments report presents the findings of a study conducted by ENISA to explore how cybersecurity policy translates in practice across organisations in the EU and its effects on their investments, resources, and operations.
…
This report provides technical guidance to support the implementation of the NIS2 Directive for several types of entities in the NIS2 digital infrastructure, ICT service management and digital providers sectors. The cybersecurity requirements for…
This publication describes the threats against energy providers’ services which depend on the availability of precise timing and communication networks. It provides a typical architecture which supports the time measurement service. Then it…
This report aims to support the cooperation between CSIRTs - in particular, national and governmental CSIRTs, LEAs and the Judiciary – in particular, prosecutors and judges, in their fight against cybercrime, by providing information on the…
This report explores the current state of affairs in Encrypted Traffic Analysis and in particular discusses research and methods in 6 key use cases; viz. application identification, network analytics, user information identification, detection of…
This study discusses some key elements of software security and provides a concise overview of the most relevant existing approaches and standards while identifying shortcomings associated with the secure software development landscape, related…
The purpose of this roadmap is to further explore the cooperation across computer security incident response teams (CSIRTs) in particular with national and governmental - law enforcement (LE) and the Judiciary (prosecutors and judges). This…
This report focuses on the status of the cybersecurity education system and the inability to attract more students in studying cybersecurity and to produce graduates with “the right cybersecurity knowledge and skills”. It argues that many of the…
This report provides an overview of the legislative framework under eIDAS for electronic identification, presents the landscape of notified and pre-notified eID schemes and identifies key trends in the electronic identification field. Moreover,…
As cybersecurity becomes more of a priority for hospitals, it is essential that it is integrated holistically in the different processes, components and stages influencing the healthcare ICT ecosystem. Procurement is a key process shaping the ICT…
The document presents the value of the cybersecurity standardisation efforts for certification, the roles and responsibilities of Standards Developing Organisations (SDOs) in this context, and discusses various ways how standardisation can…
This report contains the following key observations were made by independent third-party observers on the ECSC 2019 organisation. These observations have been produced based on the feedback collected from participants, members of the ECSC Jury,…
Stay updated with ENISA! Sign up for email alerts on publications, events, vacancies, and more.
