Publications

Featured publications

2024 Report on the State of the Cybersecurity in the Union

This document marks the first report on the state of cybersecurity in the Union, adopted by ENISA in cooperation with the NIS Cooperation Group and the European Commission, in accordance with Article 18 of the Directive (EU) 2022/2555 (…

ENISA Threat Landscape 2024

ENISA Threat Landscape (ETL) report is an annual report on the status of the cybersecurity threat landscape that identifies prime threats, major trends observed with respect to threats, threat actors and attack techniques, and also describes…

Best Practices for Cyber Crisis Management

This study highlights the complexities behind the notion of cyber crisis and the degree of subjectivity it involves. The elevation of a large-scale cyber incident into a cyber crisis relies predominantly on a political decision, and depends…

All publications

Publish Date

Cybersecurity competitions — the status in Europe

This report focuses on analysing the current situation concerning cybersecurity challenge competitions in Europe. The experience gathered will be the basis to develop a pan-European competition on cybersecurity.

Good Practice Guide on Training Methodologies

The goal of this document is to guide both novice and experienced trainers to design and deliver trainings of any size or type, and to make these trainings more successful, more “fun” and with better and longer lasting results.

Report on Cyber Crisis Cooperation and Management

This is a comparative study on the cyber crisis management and the general crisis management. The purpose of the study is twofold: to compare the concepts from general crisis management systems with the corresponding systems related to cyber crisis…

Roadmap for NIS education programmes in Europe

This document continues work from previous activities by suggesting training materials, scenarios and a way forward for implementing the EC roadmap for NIS education in Europe. In doing so, the Agency has recognised the heterogeneous landscape of…

Public Private Partnerships in Network and Information Security Education

This report focuses on the brokerage of best practices between the public and private sectors aimed at all members of the Network and Information Security Education community in Europe. ENISA is committed to taking the lead in encouraging the…

Flash Note: The BASH Shellshock Bug

Last week a serious, remotely exploitable vulnerability was discovered in the widely deployed Bourne Again Shell (BASH). The technical background is analysed by ENISA in a new flash note.

Annual Incident Reports 2013

The Annual Incidents report 2013 provides an aggregated analysis of the security incidents in 2013 which caused severe outages. Most incidents reported to regulators and ENISA involved mobile internet and mobile telephony connections.

Flash Note: Heartbleed - A wake-up call

Last week the entire web discovered the existence of the so called “Heartbleed” vulnerability affecting one of the most popular mechanisms used to secure communication with web sites: OpenSSL. The underlying problem is a programming error with…

Flash Note: Large scale UDP attacks - the 2014 trend and how to face it

Recent news show the increase of large scale attacks exploiting specific vulnerabilities of the Internet core protocols. In the latest cases, the Network Time Protocol (NTP), which allows synchronizing devices to the coordinated universal time (UTC…

Brokerage model for Network and Information Security in Education

By publishing the Brokerage model for Network & Information Security (NIS) in Education report, we aim to provide content and promote digital education on network and information security at all levels. The target group is composed of educators…