This study focuses on the good practices around the set-up and deployment of a governance framework to support the implementation of the NCSS in the EU. The main aim of this statistical outline is to give an overview of the key findings of the…
National Capabilities Assessment Framework
This report presents the work performed by ENISA to build a National Capabilities Assessment Framework (NCAF). The framework aims at providing Member States with a self-assessment of their level of maturity by assessing their NCSS objectives,…
Building Effective Governance Frameworks for the Implementation of National Cybersecurity Strategies
This study is focusing on the good practices around the set-up and deployment of a governance framework to support the implementation of the NCSS in the EU. The objective is to systematically review existing governance models relevant to the…
Supporting NIS2 implementation through actionable guidance
The EU Agency for Cybersecurity (ENISA) publishes a technical guideline for the security measures of the NIS2 Implementing Regulation to assist digital infrastructures and managed service providers.
Annual report Telecom security incidents 2017
The Annual report Telecom security incidents 2017 is the 7th annual report about significant outage incidents in the EU electronic communications sector. The legal framework for this incident reporting process is Article 13a of the Framework…
Guidelines on assessing DSP security and OES compliance with the NISD security requirements
This report presents the steps of an information security audit process for the OES compliance, as well as of a self-assessment/ management framework for the DSP security against the security requirements set by the NIS Directive. In addition, it…
Telecom Security Incidents 2020 - Annual Report
Security incident reporting has been part of the EU’s telecom regulatory framework since the 2009 reform of the telecom package: Article 13a of the Framework Directive (2009/140/EC) came into force in 2011. The European Electronic Communications…
Telecom Services Security Incidents 2019 Annual Analysis Report
Security incident reporting has been part of the EU’s telecom regulatory framework since the 2009 reform of the telecom package, Article 13a of the Framework directive (2009/140/EC) came into force in 2011. The incident reporting in Article 13a…
Guidelines for SMEs on the security of personal data processing
ENISA undertook a study to support SME’s on how to adopt security measures for the protection of personal data, following a risk-based approach. In particular, the objectives of the study were to facilitate SMEs in understanding the context of the…
National Cybersecurity Strategies: What’s new in the EU’s national cybersecurity policymaking
The European Union Agency for Cybersecurity (ENISA) unveils the update of the National Cybersecurity Strategies (NCSS) Interactive Map, a dynamic digital platform and tool offering an overview of EU-wide national cybersecurity strategies.