Publications

Featured publications

ENISA NIS360

Download

This edition of the ENISA NIS360 report is the third to assess the cybersecurity maturity and criticality of all sectors of high criticality as identified under Annex I of the NIS2 directive. The assessment covers the entire ecosystem of a sector…

NIS Investments 2025

Download

The annual NIS Investments report presents the findings of a study conducted by ENISA to explore how cybersecurity policy translates in practice across organisations in the EU and its effects on their investments, resources, and operations.

NIS2 Technical Implementation Guidance

Download

This report provides technical guidance to support the implementation of the NIS2 Directive for several types of entities in the NIS2 digital infrastructure, ICT service management and digital providers sectors. The cybersecurity requirements for…

All publications

By topics

By type

Publish Date

8th ENISA Workshop ‘CERTs in Europe’ report

This document is a brief ENISA report on the annual workshop for Computer Emergency Response Teams in Europe “CERTs in Europe”. The first part of the workshop focused on hands-on technical training for non- governmental CERTs in Europe. Part II…

Good Practice Guide for securely deploying Governmental Clouds

In this report, ENISA identifies the Member States with operational government Cloud infrastructures and underlines the diversity of Cloud adoption in the public sector in Europe. Moreover through this document, ENISA aims to assist Member States…

Recommended cryptographic measures - Securing personal data

This document addresses the protection measures applied to safeguard sensitive and/or personal data, which has been acquired legitimately by a data controller. In this respect it discusses how information technology users, who have a basic…

Algorithms, Key Sizes and Parameters Report - 2013

This document collates a series of recommendations for algorithms, keysizes, and parameter recommendations. It addresses the need for a minimum level of requirements for cryptography across European Union (EU) Member States (MSs) in their effort…

Report on Second International Conference on Cyber-crisis Cooperation and Exercises

ENISA hosted the ‘Second ENISA International Conference on Cyber Crisis Cooperation and Exercises’ on 23–24 September 2013 in Athens, Greece.

The Second ENISA International Conference on Cyber-Crisis Cooperation and Exercises was a unique…

Cybersecurity cooperation - Defending the digital frontline

Fully revised for 2013, the document looks at the latest trends affecting the cyber-threat landscape, and also examines the EU's Cybersecurity Strategy and the Draft Directive on Network and Information Security (NIS).

Can we learn from SCADA security incidents?

Security experts across the world continue to sound the alarm bells about the security of Industrial Control Systems (ICS). Industrial Control Systems look more and more like consumer PCs.
They are used everywhere and involve a considerable…

Schemes for auditing security measures

Across society there are now critical services which rely on computers, networks and servers. Protecting the security of this information infrastructure is not easy. Often the information infrastructure is run by several organisations and uses…

enisa threat landscape mid year 2013.

ENISA Threat Landscape mid year 2013

ENISA presents in this short paper a first “taste” of current developments related to the Threat Landscape 2013.

annual incident reports 2012

Annual Incident Reports 2012

This report provides an overview of the process and an aggregated analysis of the 79 incident reports of severe outages of electronic communication networks or services which were reported by national regulators during 2012.