Publications

Featured publications

2024 Report on the State of the Cybersecurity in the Union

This document marks the first report on the state of cybersecurity in the Union, adopted by ENISA in cooperation with the NIS Cooperation Group and the European Commission, in accordance with Article 18 of the Directive (EU) 2022/2555 (…

ENISA Threat Landscape 2024

ENISA Threat Landscape (ETL) report is an annual report on the status of the cybersecurity threat landscape that identifies prime threats, major trends observed with respect to threats, threat actors and attack techniques, and also describes…

Best Practices for Cyber Crisis Management

This study highlights the complexities behind the notion of cyber crisis and the degree of subjectivity it involves. The elevation of a large-scale cyber incident into a cyber crisis relies predominantly on a political decision, and depends…

All publications

Publish Date

Indispensable baseline security requirements for the procurement of secure ICT products and services

This short paper can be of use to suppliers and procurement officers when planning, offering and purchasing ICT products, systems and services. It is meant as a practical, technologically neutral document with clear, simple and sector-agnostic…

Distributed Ledger Technology & Cybersecurity - Improving information security in the financial sector

This paper aims to provide financial professionals in both business and technology roles with an assessment of the various benefits and challenges that their institutions may encounter when implementing a distributed ledger.

Cyber Security and Resilience of smart cars

The objective of this study is to identify good practices that ensure the security of smart cars against cyber threats, with the particularity that smart cars’ security shall also guarantee safety. The study lists the sensitive assets present in…

Towards a Digital Single Market for NIS Products and Services

The objective of this report is to assess the current NIS market in the EU from an economic and technical standpoint, in view of the DSM and its future demands for protection. It primarily focuses on the European market’s characteristics,…

PETs controls matrix - A systematic approach for assessing online and mobile privacy tools

Following previous work in the field of privacy engineering, in 2016 ENISA defined the ‘PETs control matrix’, an assessment framework and tool for the systematic presentation and evaluation of online and mobile privacy tools for end users. The…

Security of Mobile Payments and Digital Wallets

The primary objective of this paper is the production of guidelines to assist mobile payment developers and mobile payment providers towards recommended security controls which if implemented would help ensure that consumers, retailers and financial…

Securing Smart Airports

In response to the new emerging threats faced by smart airports, this report provides a guide for airport decision makers (CISOs, CIOs, IT Directors and Head of Operations) and airport information security professionals, but also relevant…

Cyber security and resilience for Smart Hospitals

This study proposes key recommendations for hospital information security executives and industry to enhance the level of information security in Smart Hospitals. Through the identification of assets and the related threats when IoT components are…

NCSS Good Practice Guide

ENISA published its first National Cyber Security Strategy Good Practice Guide in 2012. Since then, EU Member States and EFTA countries have made great progress in developing and implementing their strategies. This guide is updating the different…

Cyber Insurance: Recent Advances, Good Practices and Challenges

The aim of the report is to raise awareness for the most impactful market advances, by shortly identifying the most significant cyber insurance developments for the past four years – during 2012 to 2016 – and to capture the good practices and…