5G Cybersecurity Standards
This report outlines the contribution of standardisation to the mitigation of technical risks, and therefore to trust and resilience, in the 5G ecosystem. This report focuses on standardisation from a technical and organisational perspective.
Overview of standards related to eIDAS
The scope of this document is to assess the suitability of the recently published ENs to fulfil the eIDAS Regulation requirements, and to describe the differences with the previous TSs, in view of a possible update of the list of standards…
Cybersecurity of AI and Standardisation
The overall objective of the present document is to provide an overview of standards (existing, being drafted, under consideration and planned) related to the cybersecurity of artificial intelligence (AI), assess their coverage and identify gaps in…
Cyber Resilience Act Requirements Standards Mapping - Joint Research Centre & ENISA Joint Analysis
To facilitate adoption of the CRA provisions, these requirements need to be translated into the form of harmonised standards, with which manufacturers can comply. In support of the standardisation effort, this study attempt to identify the most…
Cybersecurity Standardisation Conference 2025: Paving the Way for a Safer Digital Europe
The European Standardisation Organisations (ESOs) CEN, CENELEC, ETSI, together with ENISA, the EU Agency for Cybersecurity, successfully co-hosted the 9th Cybersecurity Standardisation Conference on 20 March 2025 in Brussels.
Cybersecurity Certification: Candidate EUCC Scheme
Following the request from the European Commission in accordance with Article 48.2 of the Cybersecurity Act, ENISA has set up an Ad Hoc Working Group to support the preparation of a candidate EU cybersecurity certification scheme as a successor to…
9th Cybersecurity Standardisation Conference
European standardisation supporting new legislative cybersecurity landscape
Guidelines on assessing DSP security and OES compliance with the NISD security requirements
This report presents the steps of an information security audit process for the OES compliance, as well as of a self-assessment/ management framework for the DSP security against the security requirements set by the NIS Directive. In addition, it…
Advancing Software Security in the EU
This study discusses some key elements of software security and provides a concise overview of the most relevant existing approaches and standards while identifying shortcomings associated with the secure software development landscape, related to…
Security in 5G Specifications - Controls in 3GPP
The objective of this report is to help MS implementing the technical measure TM02 from the EU toolbox on 5G security.
The report is also intended to help national competent and regulatory authorities get a better picture of the standardisation…