Security Framework for Qualified Trust Service Providers
This document proposes a security framework to achieve compliance with Article 19 of the eIDAS Regulation, to which both non-QTSP and QTSP are subject. Nevertheless, Article 19.1 states that the security measures “shall ensure that the level of…
Mapping of OES Security Requirements to Specific Sectors
The current report provides a substantial and comprehensive mapping of the security requirements for OES, as they have been agreed in the NISD Cooperation Group, to sector specific information security standards. ENISA conducted desktop research on…
Assessment of EU Telecom Security Legislation
European Union telecom security legislation has been changing over the last few years. In light of these policy changes, ENISA carried out an assessment of the implementation of EU telecom security policy, to inform policy makers in the Commission…
Recommendations for the security of CAM
The aim of this report is to provide a high-level overview of the cybersecurity challenges in the CAM sector and to highlight both the concerned CAM actors and associated recommendations. Cybersecurity in the CAM ecosystem is partially standardised…
Annual Report - Trust Services Security Incidents 2023
ENISA’s 2023 report on trust services security incidents provides the seventh…
Secure ICT Procurement in Electronic Communications
The report, “Secure ICT Procurement in Electronic Communications”, focuses on the growing dependency of electronic communications service providers on ICT products and outsourced services, it analyses security risks associated with third party ICT…
Secure Communication with the CERTs & Other Stakeholders
The main objective of the project “Secure Communications with the CERTs and other Stakeholders”, which is one of the ENISA activities related to reinforcing communications between CERTs in the Member States, is the preparation work for a report on…
Securing personal data in the context of data retention
Data retention legislation has been adopted to address concerns related to national security and serious criminal activity. The legislation provides access to communication data for law enforcement purposes. However, according to the Data Retention…
Appropriate security measures for smart grids
This document introduces a set of cyber security measures for smart grids. These measures are organised in ten (10) domains and three sophistication levels.
Collaborative Solutions For Network Information Security in Education
This report, ‘Collaborative Solutions For Network Information Security in Education’, is a continuation of the work undertaken in 2011 which resulted in the publication of the report ‘Network Information Security in Education: Consolidated ENISA…