Publications

Featured publications

ENISA Threat Landscape 2025

Download

Through a more threat-centric approach and further contextual analysis, this latest edition of the ENISA Threat Landscape analyses 4875 incidents over a period spanning from 1 July 2024 to 30 June 2025. At its core, this report provides an…

NIS Investments 2025

Download

The annual NIS Investments report presents the findings of a study conducted by ENISA to explore how cybersecurity policy
translates in practice across organisations in the EU and its effects on their investments, resources, and operations.…

NIS2 Technical Implementation Guidance

Download

This report provides technical guidance to support the implementation of the NIS2 Directive for several types of entities in the NIS2 digital infrastructure, ICT service management and digital providers sectors. The…

All publications

By topics

By type

Publish Date
password security a joint effort between end users and service providers.

Flash Note: Password security-a joint effort between end-users and service providers

Just halfway through 2012, data leaks have already exposed millions of users’ sensitive personal data including password information. ENISA is reminding service providers to follow best practices to better protect sensitive data.

ENISA Smart Grid Security Recommendations

This study makes 10 recommendations to the public and private sector involved in the definition and implementation of smart grids. These recommendations intend to provide useful and practical advice aimed at improving current initiatives, enhancing…

Incentives and barriers of the cyber insurance market in Europe

ENISA conducted a study identifying possible causes inhibiting the cyber-insurance market in Europe and investigating incentives to kick –start its development. The Study analyses the structure and the characteristics of the market and includes a…

ENISA Report on Resilient Internet Interconnections

This study provides an overview of past incidents that impaired the Internet’s interconnection fabric, and discusses good practices to limit or avoid the impact of future crises events.
the threat from flamer

Flash note: The threat from flamer

The threat from Flamer illustrates important weaknesses in our cyber defences

National Cyber Security Strategies

The paper includes a short analysis of the current status of cyber security strategies within the European Union and elsewhere. It also identifies common themes and differences, and concludes with a series of observations and recommendations. The…

Recommendations for technical implementation of Art.4

In 2011 ENISA has set up an Expert Group composed of representatives of the EU institutions, Art.29 Working Party, national DPAs and industry. This group helped in the development of the specific technical recommendations for the implementation of…

Procure Secure: A guide to monitoring of security service levels in cloud contracts

A practical guide aimed at the procurement and governance of cloud services. This guide provides advice on questions to ask about the monitoring of security. The goal is to improve public sector customer understanding of the security of cloud…

Study on monetising privacy. An economic model for pricing personal information

Do some individuals value their privacy enough to pay a mark-up to an online service provider who protects their information better? How is this related to personalisation of services? This study analyses the monetisation of privacy. ‘Monetizing…

Study on data collection and storage in the EU

Given the clear contrast between the importance of the privacy by design principle on the one hand, and the reality of lax data protection practices with many online service providers on the other hand, the aim of this study is to present an…