ENISA Cybersecurity Market Analysis Framework (ECSMAF)
This document is the cornerstone of ENISA activities in analysing the EU cybersecurity market: it presents a cybersecurity market analysis framework as a “cookbook” on how EU cybersecurity market analyses can be performed.
ENISA Cybersecurity Market Analysis Framework (ECSMAF) -V2.0
This document is the cornerstone of ENISA activities in analysing the EU cybersecurity market. It presents the updated cybersecurity market analysis framework, a guidance, on how EU cybersecurity market analyses can be performed
Cybersecurity roles and skills for NIS2 Essential and Important Entities
ENISA in line with articles 6 and 10 of the Cybersecurity Act , prepared this guidance document on the skills and roles for the cybersecurity professionals needed to meet these legal requirements effectively. The guidance is based on the…
Supporting NIS2 implementation through actionable guidance
The EU Agency for Cybersecurity (ENISA) publishes a technical guideline for the security measures of the NIS2 Implementing Regulation to assist digital infrastructures and managed service providers.
Gaps in NIS standardisation - Recommendations for improving NIS in EU standardisation policy
This report recommends that the European Commission, with the support of the Member States, pursuant to the NIS Directive, adopt a standards based framework for the exchange of threat and defensive measure information that impacts the functioning of…
Guidelines on assessing DSP security and OES compliance with the NISD security requirements
This report presents the steps of an information security audit process for the OES compliance, as well as of a self-assessment/ management framework for the DSP security against the security requirements set by the NIS Directive. In addition, it…
CRA - Making the EU Market Resilient
Join us for the first edition of the CRA – Making the EU Market Resilient, conference taking place on 8 October 2025 in Bucharest.
Challenges of security certification in emerging ICT environments
This report aims to provide decision makers with a thorough description of the security certification status concerning the most impactful equipment in five different critical business sectors. Results of this study should help to improve and…
Cybersecurity Certification Market Study
This study proposes a set of initial methodological steps to work towards a market analysis on cybersecurity certification of ICT products, ICT services and ICT processes. The performance of a market analysis on cybersecurity certification aims to…
Demand Side of Cyber Insurance in the EU
The report analyses current perspectives and challenges of Operator of Essential Services (OESs) related to the acquirement of cyber insurance services. Information and statistics are presented according to the selection, acquisition and use of…