On April 5th, the European Parliament, the European Commission and the EU Agency for cybersecurity (ENISA) in close cooperation with the EU Member States organised an exercise to test the EU's response to and crisis plans for potential…
Economics of Vulnerability Disclosure
Vulnerability disclosure refers to the process of identifying, reporting and patching weaknesses of software, hardware or services that can be exploited. The different actors within a vulnerability disclosure process are subject to a range of…
Security Framework for Governmental Clouds
ENISA after having analysed the present state of play of governmental Cloud deployment in 2013 report, presents a guide on the steps public administration has to take to deploy cloud computing. This report gives guidance on the process from pre-…
Alerts-Warnings-Announcements
This guide complements the existing set of ENISA guides that support Computer Emergency Response Teams (CERTs, also known as CSIRTs). It describes good practices and provides practical information and guidelines for the process of preparing and…
Recommendations for technical implementation of Art.4
In 2011 ENISA has set up an Expert Group composed of representatives of the EU institutions, Art.29 Working Party, national DPAs and industry. This group helped in the development of the specific technical recommendations for the implementation of…
EU Cyber Cooperation-The Digital Frontline
We all share a common interest in guaranteeing a free, safe and sound life in cyberspace. ENISA
firmly believes EU cyber cooperation is crucial to establishing a proficient and coherent approach
to Network and Information Security (NIS). This…
Trusted e-ID infrastructures and services in EU
ENISA has conducted a survey about the security mechanisms used by TSPs (Trust Service Providers) in Europe, and their interoperability, under the scope of the proposed new Regulation on electronic identification and trust services for electronic…
Annual report Telecom security incidents 2017
The Annual report Telecom security incidents 2017 is the 7th annual report about significant outage incidents in the EU electronic communications sector. The legal framework for this incident reporting process is Article 13a of the Framework…
Recommendations for the security of CAM
The aim of this report is to provide a high-level overview of the cybersecurity challenges in the CAM sector and to highlight both the concerned CAM actors and associated recommendations. Cybersecurity in the CAM ecosystem is partially standardised…
NCSS Good Practice Guide
ENISA published its first National Cyber Security Strategy Good Practice Guide in 2012. Since then, EU Member States and EFTA countries have made great progress in developing and implementing their strategies. This guide is updating the different…