This edition of the ENISA NIS360 report is the third to assess the cybersecurity maturity and criticality of all sectors of high criticality as identified under Annex I of the NIS2 directive. The assessment covers the entire ecosystem of a sector…
The annual NIS Investments report presents the findings of a study conducted by ENISA to explore how cybersecurity policy translates in practice across organisations in the EU and its effects on their investments, resources, and operations.
…
This report provides technical guidance to support the implementation of the NIS2 Directive for several types of entities in the NIS2 digital infrastructure, ICT service management and digital providers sectors. The cybersecurity requirements for…
In 2010 ENISA started its support for operational collaboration between the Computer Emergency Response Teams (CERTs) in the Member States on the one hand and Law Enforcing Agencies (LEA) on the other hand. Various activities have since been…
An increasing number of complex attacks demand improved early warning detection capabilities for CERTs. By having threat intelligence collected without any impact on production infrastructure, CERTs can better defend their constituencies assets.…
The right to be forgotten is included in the proposed regulation on data protection published by the European Commission in January 2012. The regulation is still to be adopted by the European Parliament for entering into force. The different…
Internet users are being increasingly tracked and profiled and their personal data are extensively used as currency in exchange for services. It is important that this new reality is better understood by all stakeholders if we are to be able to…
Cyber exercises are an important tool to assess the preparedness of a community against cyber crises, technology failures and critical information infrastructure incidents. ENISA supports the stakeholders involved in EU cyber exercises.
This…
This report is an ENISA deliverable in the area of “Identifying & Responding to the Evolving Threat Environment”. It delivers the results of a risk and opportunity assessment in the area of “Consumerization of IT” (COIT), that is, the recent…
The EISAS Enhanced Roadmap 2012 take account of the results of the EISAS Large scale pilot and foresee the next steps required for a full deployment of EISAS in the EU.
For the first time in the EU, in spring 2012, national reports about security incidents were provided to ENISA and the European Commission, under Article 13a of the Framework Directive (2009/140/EC). This is a new article in the EU legal…
We summarize different security articles in EU legislation which mandate cyber incidents and cyber security measures. In a single diagram we give an overview of Article 13a and Article 4 of the Telecom package, Article 15 of the proposed eID/eSig…
Just halfway through 2012, data leaks have already exposed millions of users’ sensitive personal data including password information. ENISA is reminding service providers to follow best practices to better protect sensitive data.
Stay updated with ENISA! Sign up for email alerts on publications, events, vacancies, and more.
