Guidelines - Cyber Risk Management for Ports
This report aims to provide port operators with good practices for cyber risk assessment that they can adapt to whatever risk assessment methodology they follow. In order to achieve this, this report introduces a four-phase approach to cyber risk…
Good practices on the implementation of regulatory technical standards
MS approaches on PSD 2 implementation: commonalities in risk management and incident reporting - The main objective of this study is to identify the differences introduced by Member States in the implementation of the PSD2. In particular, the aim is…
Signalling Security in Telecom SS7/Diameter/5G
The present study has deep dived into a critical area within electronic communications, the security of interconnections in electronic communications (signalling security). Based on the analysis, at this moment there is a medium to high level of…
Good Practices for Security of Internet of Things in the context of Smart Manufacturing
This ENISA study aims at addressing the security and privacy challenges related to the evolution of industrial systems and services precipitated by the introduction of IoT innovations. The main objectives were to collect good practices to ensure…
Putting EU resilience to the test: ENISA handbook on cyber stress testing
The Handbook for Cyber Stress Testing aims to support national authorities in assessing the cybersecurity and resilience of critical sector entities.
Low Earth Orbit (LEO) SATCOM Cybersecurity Assessment
This report explores the cybersecurity of Low Earth Orbit (LEO) constellations providing telecommunications services (LEO satcom). Examining various threats and risks-technical, financial, or commercial the landscape of potential attacks is vast. It…
ENISA good practices for security of Smart Cars
This report defines good practices for security of smart cars, namely connected and (semi-) autonomous vehicles, providing added-value features in order to enhance car users’ experience and improve car safety. Taking stock of all existing…
NCSS Good Practice Guide
ENISA published its first National Cyber Security Strategy Good Practice Guide in 2012. Since then, EU Member States and EFTA countries have made great progress in developing and implementing their strategies. This guide is updating the different…
5G Supplement - to the Guideline on Security Measures under the EECC
This document contains a 5G technology profile which supplements the technology-neutral Guideline on Security Measures under the EECC. The document gives additional guidance to competent national authorities about how to ensure implementation and…
CSIRT Capabilities in Healthcare Sector
An attack directed at a critical infrastructure, such as a hospital, can lead to physical damages and put the lives of patients at risk. Therefore, there is a need for solid Incident Response Capabilities (IRC) in the health sector, in particular…