Technical Guidelines for the implementation of minimum security measures for Digital Service Providers
ENISA has issued this report to assist Member States and DSPs in providing a common approach regarding the security measures for DSPs. This particular initiative has been achieved by examining current information and network security practices for…
Guidelines for SMEs on the security of personal data processing
ENISA undertook a study to support SME’s on how to adopt security measures for the protection of personal data, following a risk-based approach. In particular, the objectives of the study were to facilitate SMEs in understanding the context of the…
Security Framework for Trust Service Providers
This document proposes a security framework to achieve compliance with Article 19 of the eIDAS Regulation. As illustrated below, this security framework includes specific guidelines for TSP on: 1) Risk management related to the security of the eIDAS…
Cloud Security for Healthcare Services
This study aims to provide Cloud security practices for the healthcare sector and identify security aspects, including relevant data protection aspects, to be taken into account when procuring Cloud services for the healthcare industry. The set of…
Cyber Security and Resilience of smart cars
The objective of this study is to identify good practices that ensure the security of smart cars against cyber threats, with the particularity that smart cars’ security shall also guarantee safety. The study lists the sensitive assets present in…
5G Security Controls Matrix
The ENISA 5G Security controls matrix is a comprehensive and dynamic matrix of security controls and best practices for 5G networks, to support the national authorities in the EU Member States with implementing the technical measures of the EU’s 5G…
Reinforcing trust and security in the area of electronic communications and online services
This study provides an overview of well-established security practices, for the purpose of sketching the notion of “state-of-the-art” in a number of categories of measures, as they are listed in ENISA’s guidelines for SMEs on the security of…
Security of Mobile Payments and Digital Wallets
The primary objective of this paper is the production of guidelines to assist mobile payment developers and mobile payment providers towards recommended security controls which if implemented would help ensure that consumers, retailers and financial…
Security Framework for Qualified Trust Service Providers
This document proposes a security framework to achieve compliance with Article 19 of the eIDAS Regulation, to which both non-QTSP and QTSP are subject. Nevertheless, Article 19.1 states that the security measures “shall ensure that the level of…
Stock taking of security requirements set by different legal frameworks on OES and DSPs
In order to support organisations in their process of identifying appropriate security measures, based on the provisions of both NISD and GDPR, this report uses as basis the pre-existing ENISA guidance and presents a mapping of already identified…