Recommendations for a methodology of the assessment of severity of personal data breaches
The European Union Agency for Network and Information Security (ENISA) reviewed the existing measures and the procedures in EU Member States with regard to personal data breaches and published in 2011 a study on the technical implementation of the…
Flash Note: Can Recent Attacks Really Threaten Internet Availability?
ENISA is recommending that Internet network providers implement long-known traffic filtering techniques, which could have countered a major cyber incident that hit services across western Europe last Month (March 2013)
ECSC 2020 Analysis Report
This report analyses the efforts provided by ENISA and national partners during the 2020 to support the growing of the European Cyber Security Challenge. The 7th Edition of the European Cyber Security Challenge, ECSC2020 planned initially for the…
Handbook on Security of Personal Data Processing
The overall scope of the report is to provide practical demonstrations and interpretation of the methodological steps of the ENISA’s 2016 guidelines for SMEs on the security of personal data processing. This is performed through specific use cases…
Railway Cybersecurity - Good Practices in Cyber Risk Management
This report aims to be a reference point for current good practices for cyber risk management approaches that are applicable to the railway sector. It offers a guide for railway undertakings and infrastructure managers to select, combine or adjust…
Flash Note: Password security-a joint effort between end-users and service providers
Just halfway through 2012, data leaks have already exposed millions of users’ sensitive personal data including password information. ENISA is reminding service providers to follow best practices to better protect sensitive data.
Latest Report on National and International Cyber Security Exercises
During this study ENISA gathered and analysed a large set of over 200 exercises.
In addition to the exercise dataset, ENISA analysed specialised literature such as after-action reports and previous studies that have contributed to the analysis.…
Standardisation in the field of Electronic Identities and Trust Service Providers
This paper explains why standards are important for cyber security, specifically in the area of electronic identification and trust services providers. A number of challenges associated with the definition and deployment of standards in the area of…
An evaluation framework for Cyber Security Strategies
ENISA work on the evaluation of National Cyber Security Strategies (NCSS) addressing to policy experts and government officials who design, implement and evaluate an NCSS policy. It aims to be a flexible and pragmatic tool based on…
European Cybersecurity Month 2023 - Campaign report
European Cybersecurity Month (ECSM) 2023 took a different approach than in 2022. ENISA decided to take cybersecurity awareness to a different level, transforming the original ECSM campaign, which used to take place only during October, into a…