Railway Cybersecurity
This ENISA study regards the level of implementation of cybersecurity measures in the railway sector, within the context of the enforcement of the NIS Directive in each European Member State. It presents a thorough list of essential railway…
Port Cybersecurity - Good practices for cybersecurity in the maritime sector
Developed in collaboration with several EU ports, this report intends to provide a useful foundation on which CIOs and CISOs of entities involved in the port ecosystem, especially port authorities and terminal operators, can build their…
Procurement Guidelines for Cybersecurity in Hospitals
As cybersecurity becomes more of a priority for hospitals, it is essential that it is integrated holistically in the different processes, components and stages influencing the healthcare ICT ecosystem. Procurement is a key process shaping the ICT…
Cybersecurity Stocktaking in the CAM
In this document, the CAM ecosystem and insights involving stakeholder interactions, critical services and infrastructures, standards, as well as security measures are described. The insights gained from the survey, interviews, and desk research…
EU Cybersecurity Initiatives in the Finance Sector
The finance sector is a heavily regulated sector, and cybersecurity provisions are already included in multiple EU policies and legislations (e.g. PSD 2 , MIFID II ). EU institutions, agencies, bodies, regulators and other groups of stakeholders run…
Good Practices for Supply Chain Cybersecurity
The report provides an overview of the current supply chain cybersecurity practices followed by essential and important entities in the EU, based on the results of a 2022 ENISA study which focused on investments of cybersecurity budgets among…
ENISA Foresight Cybersecurity Threats for 2030
This study aims to identify and collect information on future cybersecurity threats that could affect the Union’s infrastructure and services, and its ability to keep European society and citizens digitally secure.
Cybersecurity Culture Guidelines: 'Technical Annex: Evidence Reviews'
This technical annex contains the four reviews that supported the writing of the report Review of “Behavioural Sciences Research in the Field of Cybersecurity”. The reviews are:
1. Measurement of cyber security attitudes and behaviours, 2.…
Cybersecurity and privacy in AI - Medical imaging diagnosis
This report allows better assessment of the reality that artificial intelligence brings its own set of threats, which consequently insists on the search for new security measures to counter them. Finally, it should be noted that this guide strongly…
Foresight Cybersecurity Threats For 2030 - Update 2024: Extended report
This is the second iteration of the “ENISA Foresight Cybersecurity Threats for 2030” study that represents a comprehensive analysis and assessment of emerging cybersecurity threats projected for the year 2030. The report reassesses the previously…