Information security and privacy standards for SMEs
The analysis conducted for this study, based on the interviews with subject matter experts and review of available studies, shows that, despite rising concerns on information security risks, the level of SMEs information security and privacy…
Guidelines for SMEs on the security of personal data processing
ENISA undertook a study to support SME’s on how to adopt security measures for the protection of personal data, following a risk-based approach. In particular, the objectives of the study were to facilitate SMEs in understanding the context of the…
Cyber Security Culture in organisations
To assist in promoting both the understanding and uptake of CSC programmes within organisations, this report draws from multiple disciplines, including organisational sciences, psychology, law and cybersecurity. It is complemented by knowledge and…
European Cyber Security Month 2016 - Deployment report
For the fourth consecutive year, last October the European Cyber Security Month (ECSM) campaign took place across Europe. The campaign was supported by ENISA, the European Commission, Europol’s EC3 and the European Banking Federation, plus partners…
Secure Group Communications for incident response and operational communities
With a number of cybersecurity incidents and an attack surface that increase every day, spanning from large infrastructures to the end users, there is the need to improve operational cooperation, preparedness and information exchange by promoting…
Cybersecurity guide for SMEs - 12 steps to securing your business
The COVID-19 crisis showed how important the Internet and computers in general are for SMEs. In order to thrive in business during the pandemic many SMEs had to take business continuity measures, such as adopting to cloud services, improving…
How to set up CSIRT and SOC
This publication provides results-driven guidance for those who are interested in establishing a computer security incident response team (CSIRT) or security operations centre (SOC), and guidance on possible improvements for different types of…
European Cybersecurity Month 2017 - Deployment Report
For the fifth consecutive year, last October the European Cyber Security Month (ECSM) campaign was successfully executed across Europe. The campaign was coordinated and supported by ENISA, the European Commission, Europol’s Cyber Crime Centre (EC3…
ENISA CSIRT Maturity Framework - Updated and improved
This document presents the updated and improved version of ENISA’s Computer Security Incident Response Teams (CSIRT) Maturity Framework that is intended to contribute to the enhancement of the capacity to manage cyber incidents, with a focus on…
2021 Report on CSIRT-Law Enforcement Cooperation
The purpose of this report is to further explore and support the cooperation between computer security incident response teams (CSIRTs), in particular national and governmental CSIRTs, and Law enforcement agencies (LEAs) and their interactions with…