This report addresses the market for Managed Security Services (MSS) on both the demand and the supply side. It addresses MSS usage patterns, compliance and skills certification, threats, requirements, incidents and challenges…
EU Managed Security Services Certification to drive the cybersecurity market
Following the request of the European Commission for the development of a candidate certification scheme for Managed Security Services, the EU Agency for Cybersecurity (ENISA) launches a call for expression of interest to participate in the…
Guidelines for SMEs on the security of personal data processing
ENISA undertook a study to support SME’s on how to adopt security measures for the protection of personal data, following a risk-based approach. In particular, the objectives of the study were to facilitate SMEs in understanding the context of the…
Advancing Software Security in the EU
This study discusses some key elements of software security and provides a concise overview of the most relevant existing approaches and standards while identifying shortcomings associated with the secure software development landscape, related to…
Information security and privacy standards for SMEs
The analysis conducted for this study, based on the interviews with subject matter experts and review of available studies, shows that, despite rising concerns on information security risks, the level of SMEs information security and privacy…
European Cyber Security Month 2016 - Deployment report
For the fourth consecutive year, last October the European Cyber Security Month (ECSM) campaign took place across Europe. The campaign was supported by ENISA, the European Commission, Europol’s EC3 and the European Banking Federation, plus partners…
Cyber Security Culture in organisations
To assist in promoting both the understanding and uptake of CSC programmes within organisations, this report draws from multiple disciplines, including organisational sciences, psychology, law and cybersecurity. It is complemented by knowledge and…
Cybersecurity guide for SMEs - 12 steps to securing your business
The COVID-19 crisis showed how important the Internet and computers in general are for SMEs. In order to thrive in business during the pandemic many SMEs had to take business continuity measures, such as adopting to cloud services, improving…
Good Practice Guide for Addressing Network and Information Security Aspects of Cybercrime
In 2010 ENISA started its support for operational collaboration between the Computer Emergency Response Teams (CERTs) in the Member States on the one hand and Law Enforcing Agencies (LEA) on the other hand. Various activities have since been…
Methodology for Sectoral Cybersecurity Assessments
The methodology for sectoral cybersecurity assessments described in this document (called SCSA Methodology) addresses objectives in the context of ICT security for sectoral multi-stakeholder systems and drafting sectoral cybersecurity certification…