ENISA CSIRT maturity assessment model
This is the updated version of the "Challenges for National CSIRTs in Europe in 2016: Study on CSIRT Maturity" published by ENISA in 2017. The study takes all relevant information sources into account, with a special emphasis on the NIS Directive,…
Guidelines on assessing DSP security and OES compliance with the NISD security requirements
This report presents the steps of an information security audit process for the OES compliance, as well as of a self-assessment/ management framework for the DSP security against the security requirements set by the NIS Directive. In addition, it…
Priorities for EU research
The objective of this current document is to provide an analysis of the research proposals of the ECSO SRIA document by briefly summarizing each research priority, and highlighting the areas where the priorities have to be aligned with the…
Railway Cybersecurity
This ENISA study regards the level of implementation of cybersecurity measures in the railway sector, within the context of the enforcement of the NIS Directive in each European Member State. It presents a thorough list of essential railway…
Brokerage model for Network and Information Security in Education
By publishing the Brokerage model for Network & Information Security (NIS) in Education report, we aim to provide content and promote digital education on network and information security at all levels. The target group is composed of educators…
Roadmap for European Cyber Security Month
The European Cyber Security Month 2013 took place in October in 27 countries. By consulting this report the reader will be introduced to the context of ECSM deployment, the policy context, the stakeholder model of engagement, the activities that…
Ad-hoc & sensor networking for M2M Communications - Threat Landscape and Good Practice Guide
The ad-hoc and sensor networking Threat Landscape and Good Practice Guide complements the Annual Cyber Security ENISA Threat Landscape (ETL). It provides a deep overview of the current state of security in the ad-hoc and sensor networking for M2M…
Information sharing and common taxonomies between CSIRTs and Law Enforcement
This Report on Information Sharing and Common Taxonomies between CSIRTs and Law Enforcement Agencies (LEAs) was produced at the initiative of ENISA with the objective to enhance cooperation both between the Member States (MS) of the EU and between…
CSIRT Capabilities in Healthcare Sector
An attack directed at a critical infrastructure, such as a hospital, can lead to physical damages and put the lives of patients at risk. Therefore, there is a need for solid Incident Response Capabilities (IRC) in the health sector, in particular…
Incident Reporting for Cloud Computing
The proposed NIS Directive mentions cloud computing explicitly. This is not surprising. Cloud infrastructures play an increasingly important role in the digital society. A large part of the EU’s Digital Agenda is the European cloud strategy which…