Publications

Featured publications

2024 Report on the State of the Cybersecurity in the Union

Download

This document marks the first report on the state of cybersecurity in the Union, adopted by ENISA in cooperation with the NIS Cooperation Group and the European Commission, in accordance with Article 18 of the Directive (EU) 2022/2555 (…

ENISA Threat Landscape 2024

Download

Seven prime cybersecurity threats were identified in 2024, with threats against availability topping the chart and followed by ransomware and threats against data, and the report provides a relevant deep-dive on each one of them by analysing…

Best Practices for Cyber Crisis Management

Download

This study highlights the complexities behind the notion of cyber crisis and the degree of subjectivity it involves. The elevation of a large-scale cyber incident into a cyber crisis relies predominantly on a political decision, and depends…

All publications

By topics

By type

Publish Date

Cybersecurity and privacy in AI - Medical imaging diagnosis

This report allows better assessment of the reality that artificial intelligence brings its own set of threats, which consequently insists on the search for new security measures to counter them. Finally, it should be noted that this guide strongly…
Private Sector

Artificial Intelligence and Cybersecurity Research

The aim of this study is to identify needs for research on AI for cybersecurity and on securing AI, as part of ENISA’s work in fulfilling its mandate under Article 11 of the Cybersecurity Act . This report is one of the outputs of this task. In it…
Private Sector

Multilayer Framework for Good Cybersecurity Practices for AI

In this report, we present a scalable framework to guide NCAs and AI stakeholders on the steps they need to follow to secure their AI systems, operations and processes by using existing knowledge and best practices and identifying missing elements.…
Private Sector

DNS Identity

This report provides a view of authentication and verification of domain name owners in the context of domain name registration. It identifies the security challenges, good practices, security controls and associated risks in the domain name…
Private Sector

5G Security Controls Matrix

The ENISA 5G Security controls matrix is a comprehensive and dynamic matrix of security controls and best practices for 5G networks, to support the national authorities in the EU Member States with implementing the technical measures of the EU’s 5G…
Private Sector

Cybersecurity Support Action

The ENISA Cybersecurity Support Action provides ex-post and ex-ante services and assistance to Member States' NIS2 Directive entities.
National / EU authorities

European Cybersecurity Month 2022 Campaign Report

The campaign was coupled with the commemoration of the ECSM 10th anniversary in 2022 and focused on two of the most prominent threats: 1. Phishing: so that users may detect and react to the most common attack against individuals. 2. Ransomware: so…
Private Sector
enisa foresight cybersecurity threats for 2030

ENISA Foresight Cybersecurity Threats for 2030

This study aims to identify and collect information on future cybersecurity threats that could affect the Union’s infrastructure and services, and its ability to keep European society and citizens digitally secure.
National / EU authoritiesPrivate Sector

Cloud Cybersecurity Market Analysis

The present European Union Agency for Cybersecurity (ENISA) report is an analysis of the cloud cybersecurity market, planned for in ENISA’s Work Programme 2022 ( ) under activity O.7.1., ‘Market analysis on the main trends in the cybersecurity…
National / EU authorities

ENISA Cybersecurity Market Analysis Framework (ECSMAF) -V2.0

This document is the cornerstone of ENISA activities in analysing the EU cybersecurity market. It presents the updated cybersecurity market analysis framework, a guidance, on how EU cybersecurity market analyses can be performed
National / EU authorities