The report outlines the findings on data breach, provides a description and analysis of the domain and lists relevant recent incidents. A series of proposed actions for mitigation is provided.
ENISA Threat Landscape 2020 - Identity Theft
The report outlines the findings on identity theft, provides a description and analysis of the domain and lists relevant recent incidents. A series of proposed actions for mitigation is provided.
ENISA Threat Landscape 2020 - Information Leakage
The report outlines the findings on information leakage, provides a description and analysis of the domain and lists relevant recent incidents. A series of proposed actions for mitigation is provided
ENISA Threat Landscape 2020 - Distributed denial of service
The report outlines the findings on ddos attacks, provides a description and analysis of the domain and lists relevant recent incidents. A series of proposed actions for mitigation is provided.
CSIRT Capabilities in Healthcare Sector
An attack directed at a critical infrastructure, such as a hospital, can lead to physical damages and put the lives of patients at risk. Therefore, there is a need for solid Incident Response Capabilities (IRC) in the health sector, in particular…
Sectoral CSIRT Capabilities - Energy and Air Transport
This study provides a continuation of work on Sectoral IRC at European level following the publication of the 2019 “EU Member States incident response development status report”. The report focuses on trends in Energy and Air Transport Incident…
Technical Guideline on Threats and Assets
The Technical Guideline on Threats and Assets provides National Regulatory Authorities (NRAs) with a glossary of terms to communicate about the most significant threats and network assets involved in disruptions in electronic communications networks…
Security Framework for Trust Service Providers
This document proposes a security framework to achieve compliance with Article 19 of the eIDAS Regulation. As illustrated below, this security framework includes specific guidelines for TSP on: 1) Risk management related to the security of the eIDAS…
Incident Reporting
Good Practice Guide on Incident Reporting Mechanisms
Common practices of EU-level crisis management and applicability to the cyber crises
Despite a number of initiatives within the European Network and Information Security community to establish frameworks and standard operating procedures, the EU-level response to cyber incidents, and in particular these which lead to crisis…