Search

By Topics

By Type

Published on

Incident notification for DSPs in the context of the NIS Directive

Publications

This report provides preliminary guidelines on how incident notification provisions for Digital Service Providers could be effectively implemented across the EU. Based on valuable input from Member States and companies directly impacted by the…
Private Sector
Cover of the publication titled “NIS 2 Implementation Guidance,” featuring hand icons related to cybersecurity and the NIS 2 logo in the centre, with “June 2025” noted at the bottom.

NIS2 Technical Implementation Guidance

Publications

This report provides technical guidance to support the implementation of the NIS2 Directive for several types of entities in the NIS2 digital infrastructure, ICT service management and digital providers sectors. The…

Private Sector

Stock taking of information security training needs in critical sectors

Publications

The primary objective of this project is to provide a mapping of ENISA’s training program and a strategy to adapt it in the light of the recently adopted EU NIS Directive, catering for the needs of the identified critical sectors.

Private Sector
Visual with a background image of a NIS2-themed book, featuring the ENISA logo and the text: “Turning security measures into clear practical steps. ENISA publishes technical implementation guide.

Supporting NIS2 implementation through actionable guidance

News

The EU Agency for Cybersecurity (ENISA) publishes a technical guideline for the security measures of the NIS2 Implementing Regulation to assist digital infrastructures and managed service providers.

National / EU authorities, Private Sector
Publication cover for Handbook for Cyber Stress Tests - Skyline image with different metrics visual

Handbook for Cyber Stress Tests

Publications

ENISA developed this handbook as guidance for national or sectorial authorities overseeing cybersecurity and resilience of critical sectors, at the national level, regional or EU level under NIS 2…

Private Sector

Demand Side of Cyber Insurance in the EU

Publications

The report analyses current perspectives and challenges of Operator of Essential Services (OESs) related to the acquirement of cyber insurance services. Information and statistics are presented according to the selection, acquisition and use of…
National / EU authorities, Private Sector

Good practices on interdependencies between OES and DSPs

Publications

This study is concerned with dependencies and interdependencies among Operators of Essential Services (OES) and Digital Service Providers (DSPs) as defined in the NIS Directive and addresses emerging dependencies and interdependencies across sectors…
National / EU authorities, Private Sector
Visual promoting the 5th ENISA–ERA Conference on Cybersecurity in Railways, 1–2 December in Tallinn, Estonia, featuring a virtual train.

5th ENISA-ERA Conference on Cybersecurity in Railways

Events

Registration and call for papers are open for the 2025 edition of this conference, that will take place in Tallinn, Estonia, on 1-2 December 2025.

Private Sector

Report on Cyber Security Information Sharing in the Energy Sector

Publications

The purpose of this report is to understand and learn the development of CSIRTs, ISACs, as well as relevant initiatives on information sharing on cyber security incidents in the energy sector by focusing on the subsectors identified in the NIS…
Private Sector

CSIRT Capabilities in Healthcare Sector

Publications

An attack directed at a critical infrastructure, such as a hospital, can lead to physical damages and put the lives of patients at risk. Therefore, there is a need for solid Incident Response Capabilities (IRC) in the health sector, in particular…
National / EU authorities, Private Sector