Flash note: Cyber-attacks – a new edge for old weapons
The EU’s cyber security agency ENISA has analysed recent major cyber-attacks and is calling for Europe’s businesses and government organisations to take urgent action to combat emerging attack trends. These are characterised by established attack…
Developing National Vulnerabilities Programmes
Based on the experiences and perspectives gathered from industry players and national governments, as well as on the documentation developed by multiple actors involved with national vulnerability initiatives and programmes, the EU Coordinated…
Good Practice Guide on Vulnerability Disclosure. From challenges to recommendations
Vulnerabilities are ‘flaws’ or ‘mistakes’ in computer-based systems that may be exploited to compromise the network and information security of affected systems. They provide a point-of-entry or gateway to exploit a system and as such pose…
Definition of Cybersecurity - Gaps and overlaps in standardisation
This document analyses the usage of this term by various stakeholders and reviews standardisation activities in the area of Cybersecurity, providing an overview of overlaps and gaps in available standards. It has been written by CSCG and ENISA…
Big Data Security
The study aims at identifying the key security challenges that the companies are facing when implementing Big Data solutions, from infrastructures to analytics applications, and how those are mitigated. The analysis focuses on the use of Big Data by…
Good Practice Guide for securely deploying Governmental Clouds
In this report, ENISA identifies the Member States with operational government Cloud infrastructures and underlines the diversity of Cloud adoption in the public sector in Europe. Moreover through this document, ENISA aims to assist Member States in…
Analysis of the European R&D priorities in cybersecurity
The present document provides a series of recommendations for the priorities in the EU for R&D in the domain of ICT security made after analysis of a wide series of interviews with domain experts.
The proposed research priorities have the aim to…
NCSS Good Practice Guide
ENISA published its first National Cyber Security Strategy Good Practice Guide in 2012. Since then, EU Member States and EFTA countries have made great progress in developing and implementing their strategies. This guide is updating the different…
Incident Reporting for Cloud Computing
The proposed NIS Directive mentions cloud computing explicitly. This is not surprising. Cloud infrastructures play an increasingly important role in the digital society. A large part of the EU’s Digital Agenda is the European cloud strategy which…
Can we learn from SCADA security incidents?
Security experts across the world continue to sound the alarm bells about the security of Industrial Control Systems (ICS). Industrial Control Systems look more and more like consumer PCs.
They are used everywhere and involve a considerable amount…