Publications

Featured publications

2024 Report on the State of the Cybersecurity in the Union

November 29, 2024 Download

This document marks the first report on the state of cybersecurity in the Union, adopted by ENISA in cooperation with the NIS Cooperation Group and the European Commission, in accordance with Article 18 of the Directive (EU) 2022/2555 (…

ENISA Threat Landscape 2024

September 17, 2024 Download

Seven prime cybersecurity threats were identified in 2024, with threats against availability topping the chart and followed by ransomware and threats against data, and the report provides a relevant deep-dive on each one of them by analysing…

Best Practices for Cyber Crisis Management

February 27, 2024 Download

This study highlights the complexities behind the notion of cyber crisis and the degree of subjectivity it involves. The elevation of a large-scale cyber incident into a cyber crisis relies predominantly on a political decision, and depends…

All publications

Developing National Vulnerabilities Programmes

16 February, 2023

Based on the experiences and perspectives gathered from industry players and national governments, as well as on the documentation developed by multiple actors involved with national vulnerability initiatives and programmes, the EU Coordinated…

sustained activity by specific threat actors joint publication

Sustained Activity by Threat Actors- Joint Publication

15 February, 2023

ENISA, the EU Agency for Cybersecurity, and CERT-EU, the Computer Emergency Response Team of all the EU institutions, bodies and agencies (EUIBAs), have issued a joint publication to alert on sustained activity by particular threat actors. Malicious…

Engineering Personal Data Sharing

27 January, 2023

This report attempts to look closer at specific use cases relating to personal data sharing, primarily in the health sector, and discusses how specific technologies and considerations of implementation can support the meeting of specific data…

Interoperable EU Risk Management Framework

16 January, 2023

This report proposes a methodology for assessing the potential interoperability of risk management (RM) frameworks and methodologies and presents related results. The methodology used to evaluate interoperability stemmed from extensive research of…

Cybersecurity Education Initiatives in the EU Member States

20 December, 2022

Today, the internet is a tool used in many educational activities, which increases the amount of time children are exposed to cyberspace and its risks. Informing young users about the importance of maintaining personal privacy is not enough to keep…

Cyber Europe 2022: After Action Report

13 December, 2022

Findings from a PAN-EUROPEAN cyber crisis Exercise

Foreign Information Manipulation Interference (FIMI) and Cybersecurity - Threat Landscape

8 December, 2022

The EU Agency for Cybersecurity (ENISA) and the European External Action Service (EEAS) have joined forces to study and analyse the threat landscape concerning Foreign Information Manipulation and Interference (FIMI) and disinformation. A dedicated…

NIS Investments 2022

23 November, 2022

This report marks the third iteration of ENISA's NIS Investments report, which collects data on how Operators of Essential Services (OES) and Digital Service Providers (DSP) identified in the European Union’s directive on security of network and…

ENISA Threat Landscape 2022

3 November, 2022

This is the tenth edition of the ENISA Threat Landscape (ETL) report, an annual report on the status of the cybersecurity threat landscape. It identifies the top threats, major trends observed with respect to threats, threat actors and attack…

Post-Quantum Cryptography - Integration study

18 October, 2022

With this report ENISA seeks to give insight on post-standardisation challenges. As a follow-up to ENISA’s 2021 Post-Quantum Cryptography: Current state and quantum mitigation study, the new report explores the necessity to design new cryptographic…