Methodology for Sectoral Cybersecurity Assessments
The methodology for sectoral cybersecurity assessments described in this document (called SCSA Methodology) addresses objectives in the context of ICT security for sectoral multi-stakeholder systems and drafting sectoral cybersecurity certification…
Interoperable EU Risk Management Framework
This report proposes a methodology for assessing the potential interoperability of risk management (RM) frameworks and methodologies and presents related results. The methodology used to evaluate interoperability stemmed from extensive research of…
Compendium of Risk Management Frameworks with Potential Interoperability
This report presents the results of desktop research and the analysis of currently used
cybersecurity Risk Management (RM) frameworks and methodologies with the potential
for interoperability. The identification of the most prominent RM frameworks…
Risk Management Standards
The purpose of this document is to provide a coherent overview of published standards that address aspects of risk management and subsequently describe methodologies and tools that can be used to conform with or implement these standards.
Cybersecurity Certification: Candidate EUCC Scheme
Following the request from the European Commission in accordance with Article 48.2 of the Cybersecurity Act, ENISA has set up an Ad Hoc Working Group to support the preparation of a candidate EU cybersecurity certification scheme as a successor to…
Cybersecurity Certification: Candidate EUCC Scheme V1.1.1
Following the request from the European Commission in accordance with Article 48.2 of the Cybersecurity Act, ENISA has set up an Ad Hoc Working Group to support the preparation of a candidate EU cybersecurity certification scheme as a successor to…
Cybersecurity Standardisation Conference 2025: Paving the Way for a Safer Digital Europe
The European Standardisation Organisations (ESOs) CEN, CENELEC, ETSI, together with ENISA, the EU Agency for Cybersecurity, successfully co-hosted the 9th Cybersecurity Standardisation Conference on 20 March 2025 in Brussels.
An EU Prime! EU adopts first Cybersecurity Certification Scheme
The European Cybersecurity Scheme on Common Criteria (EUCC) drafted by the European Union Agency for Cybersecurity (ENISA) has been adopted as the first scheme within the EU cybersecurity certification framework.
Exploring the Feasibility of EU Cybersecurity Certification in support of New Technologies
Once more, the European Union Agency for Cybersecurity (ENISA), organises the Cybersecurity Certification Conference, during the twice annually cybersecurity certification week that brings together experts, private stakeholders and public…
Cybersecurity Certification: breaking new ground
This year the European Union Agency for Cybersecurity (ENISA), has returned with its recurrent Cybersecurity Certification Conference.