Search

By Topics

By Type

Published on
Cover page of an ENISA report titled 'Cybersecurity Roles and Skills for NIS2 Essential and Important Entities', featuring a person typing on a laptop with floating digital icons representing cybersecurity roles. The report is dated June 2025 and maps NIS2 obligations to the ECSF.

Cybersecurity roles and skills for NIS2 Essential and Important Entities

Publications

 ENISA in line with articles 6 and 10 of the Cybersecurity Act , prepared this guidance document on the skills and roles for the cybersecurity professionals needed to meet these legal requirements effectively. The guidance is based on the…

National / EU authorities, Private Sector
The EU Cybersecurity Index 2024 cover

The EU Cybersecurity Index 2024

Publications

The EU Cybersecurity Index (EU-CSI) is a tool, developed by ENISA in collaboration with the Member States, to describe the cybersecurity posture of Member States and the EU. 

The intent of this publication is two-fold:
• Presenting…

National / EU authorities
New National Cybersecurity Strategies map - visual with futuristic background

National Cybersecurity Strategies: What’s new in the EU’s national cybersecurity policymaking

News

The European Union Agency for Cybersecurity (ENISA) unveils the update of the National Cybersecurity Strategies (NCSS) Interactive Map, a dynamic digital platform and tool offering an overview of EU-wide national cybersecurity strategies.

National / EU authorities

Railway Cybersecurity

Publications

This ENISA study regards the level of implementation of cybersecurity measures in the railway sector, within the context of the enforcement of the NIS Directive in each European Member State. It presents a thorough list of essential railway…
Private Sector
2024 report - state of cybersecurity in the union - report

2024 Report on the State of the Cybersecurity in the Union

Publications

This document marks the first report on the state of cybersecurity in the Union, adopted by ENISA in cooperation with the NIS Cooperation Group and the European Commission, in accordance with Article 18 of the Directive (EU) 2022/2555 (…

National / EU authorities

Cybersecurity Culture Guidelines: 'Technical Annex: Evidence Reviews'

Publications

This technical annex contains the four reviews that supported the writing of the report Review of “Behavioural Sciences Research in the Field of Cybersecurity”. The reviews are: 1. Measurement of cyber security attitudes and behaviours, 2.…
Private Sector

Port Cybersecurity - Good practices for cybersecurity in the maritime sector

Publications

Developed in collaboration with several EU ports, this report intends to provide a useful foundation on which CIOs and CISOs of entities involved in the port ecosystem, especially port authorities and terminal operators, can build their…
Private Sector

Good Practices for Supply Chain Cybersecurity

Publications

The report provides an overview of the current supply chain cybersecurity practices followed by essential and important entities in the EU, based on the results of a 2022 ENISA study which focused on investments of cybersecurity budgets among…

National / EU authorities, Private Sector

EU Cybersecurity Initiatives in the Finance Sector

Publications

The finance sector is a heavily regulated sector, and cybersecurity provisions are already included in multiple EU policies and legislations (e.g. PSD 2 , MIFID II ). EU institutions, agencies, bodies, regulators and other groups of stakeholders run…
Private Sector

Procurement Guidelines for Cybersecurity in Hospitals

Publications

As cybersecurity becomes more of a priority for hospitals, it is essential that it is integrated holistically in the different processes, components and stages influencing the healthcare ICT ecosystem. Procurement is a key process shaping the ICT…

Private Sector