This publication outlines the updated ENISA Cybersecurity Threat Landscape (CTL) methodology, building on the 2021 Threat Landscape Report and the 2022 methodology. It aims to provide a more actionable and streamlined approach for producing…
ENISA Threat Landscape Methodology
By establishing the ENISA Cybersecurity Threat Landscape (CTL) methodology, the Agency aims to set a baseline for the transparent and systematic delivery of horizontal, thematic, and sectorial cybersecurity threat landscapes. The following threat…
Interoperable EU Risk Management Framework
This report proposes a methodology for assessing the potential interoperability of risk management (RM) frameworks and methodologies and presents related results. The methodology used to evaluate interoperability stemmed from extensive research of…
EU consistently targeted by diverse yet convergent threat groups
The 2025 ENISA Threat Landscape shows that threat groups are reusing tools and techniques, introducing new attack models, exploiting vulnerabilities and collaborating to target the security and resilience of the EU’s digital infrastructure.
Compendium of Risk Management Frameworks with Potential Interoperability
This report presents the results of desktop research and the analysis of currently used
cybersecurity Risk Management (RM) frameworks and methodologies with the potential
for interoperability. The identification of the most prominent RM frameworks…
Risk Management Standards
The purpose of this document is to provide a coherent overview of published standards that address aspects of risk management and subsequently describe methodologies and tools that can be used to conform with or implement these standards.
ENISA Threat Landscape 2021
This is the ninth edition of the ENISA Threat Landscape (ETL) report, an annual report that identifies prime threats, major trends observed with respect to threats, threat actors and attack techniques, and also describes relevant mitigation…
Foreign Information Manipulation Interference (FIMI) and Cybersecurity - Threat Landscape
The EU Agency for Cybersecurity (ENISA) and the European External Action Service (EEAS) have joined forces to study and analyse the threat landscape concerning Foreign Information Manipulation and Interference (FIMI) and disinformation. A dedicated…
How to map the Cybersecurity Threat Landscape? Follow the ENISA 6-step Methodology
The cybersecurity threat landscape methodology developed by the European Union Agency for Cybersecurity (ENISA) aims at promoting consistent and transparent threat intelligence sharing across the European Union.
Ransomware: Publicly Reported Incidents are only the tip of the iceberg
The threat landscape report on ransomware attacks published today by the European Union Agency for Cybersecurity (ENISA) uncovers the shortcomings of the current reporting mechanisms across the EU.