Challenges of security certification in emerging ICT environments
This report aims to provide decision makers with a thorough description of the security certification status concerning the most impactful equipment in five different critical business sectors. Results of this study should help to improve and…
Guidelines on assessing DSP security and OES compliance with the NISD security requirements
This report presents the steps of an information security audit process for the OES compliance, as well as of a self-assessment/ management framework for the DSP security against the security requirements set by the NIS Directive. In addition, it…
ENISA Threat Landscape 2012
The ENISA Threat Landscape provides an overview of threats, together with current and emerging trends. It is based on publicly available data and provides an independent view on observed threats, threat agents and threat trends. Over 140 recent…
Ontology and taxonomies of resilience
Existing standards in the field have so far only addressed resilience indirectly and thus without detailed definition of the taxonomy and thus of the semantics of security. The primary purpose of an ontology and taxonomies defined in this context is…
Fog and Edge Computing in 5G
This report focuses on the fundamentals of fog and edge, an overview of their security aspects, the open challenges that these sectors face, the related standardisation efforts, the existing opportunities in this field, and different application…
Advancing Software Security in the EU
This study discusses some key elements of software security and provides a concise overview of the most relevant existing approaches and standards while identifying shortcomings associated with the secure software development landscape, related to…
EUCS – Cloud Services Scheme
This publication is a draft version of the EUCS candidate scheme (European Cybersecurity Certification Scheme for Cloud Services), which looks into the certification of the cybersecurity of cloud services. In accordance with Article 48.2 of the…
Securing Machine Learning Algorithms
Based on a systematic review of relevant literature on machine learning, in this report we provide a taxonomy for machine learning algorithms, highlighting core functionalities and critical stages. The report also presents a detailed analysis of…
ENISA good practices for security of Smart Cars
This report defines good practices for security of smart cars, namely connected and (semi-) autonomous vehicles, providing added-value features in order to enhance car users’ experience and improve car safety. Taking stock of all existing…
State of Vulnerabilities 2018/2019 - Analysis of Events in the life of Vulnerabilities
The purpose of this report is to provide an insight on both the opportunities and limitations the vulnerability ecosystem offers. By using the vulnerabilities published during the year of 2018 and Q1-Q2 of 2019 as a vehicle, this report goes beyond…