Risk Management Standards
The purpose of this document is to provide a coherent overview of published standards that address aspects of risk management and subsequently describe methodologies and tools that can be used to conform with or implement these standards.
Interoperable EU Risk Management Toolbox
This document presents the EU RM toolbox, a solution proposed by ENISA to address interoperability concerns related to the use of information security RM methods. The toolbox aims to facilitate the smooth integration of various RM methods in an…
Interoperable EU Risk Management Framework
This report proposes a methodology for assessing the potential interoperability of risk management (RM) frameworks and methodologies and presents related results. The methodology used to evaluate interoperability stemmed from extensive research of…
Compendium of Risk Management Frameworks with Potential Interoperability
This report presents the results of desktop research and the analysis of currently used
cybersecurity Risk Management (RM) frameworks and methodologies with the potential
for interoperability. The identification of the most prominent RM frameworks…
Guidelines for SMEs on the security of personal data processing
ENISA undertook a study to support SME’s on how to adopt security measures for the protection of personal data, following a risk-based approach. In particular, the objectives of the study were to facilitate SMEs in understanding the context of the…
Information security and privacy standards for SMEs
The analysis conducted for this study, based on the interviews with subject matter experts and review of available studies, shows that, despite rising concerns on information security risks, the level of SMEs information security and privacy…
Reframing Cybersecurity Awareness Raising: Exploring the human factor in cybersecurity communication
The Cybersecurity Awareness Raising Conference, powered by ENISA C-level cybersecurity awereness guide, brought together professionals of both the public and private sector.
Network and Information Systems Directive 2 (NIS2)
Understanding the NIS2 Directive: Strengthening Cybersecurity Across the EU
Cyber Energy Week - #PowerYourCyber
Welcome to the official page of the Cybersecurity Energy Week 2023! Europe's electricity sector is at risk: ransomware is the top cyber enemy.
SMEs Cybersecurity
ENISA has consistently advanced initiatives to help SMEs integrate cybersecurity into their digital environments.