Good practice guide for CERTs in the area of Industrial Control Systems - Computer Emergency Response Capabilities considerations for ICS
This document builds upon the current practice of CSIRTs with responsibilities for ICS networks, and also on the earlier work of ENISA on a baseline capabilities scheme for national/ governmental (n/g) CSIRTs. The document is an initial attempt to…
Consumerization of IT: Final report on Risk Mitigation Strategies and Good Practices
This report presents security policies that can be deployed to mitigate risks that are related with the trend of Consumerization of IT (COIT) and Bring Your Own Device (BYOD). The aim of this document is to identify mitigation strategies, policies…
eHealth security in the spotlight: A good practice guide for a robust and resilient EU health sector
Unveiled on the sidelines of the 10th edition of the eHealth Security conference, the European Union Agency for Cybersecurity (ENISA) publishes a good practice guide to support entities of the health sector in strengthening their digital security…
Procurement Guidelines for Cybersecurity in Hospitals
As cybersecurity becomes more of a priority for hospitals, it is essential that it is integrated holistically in the different processes, components and stages influencing the healthcare ICT ecosystem. Procurement is a key process shaping the ICT…
FAQ on NSIE
FAQs to the report Good Practice Guide Network Security
Information Exchanges
Building Effective Governance Frameworks for the Implementation of National Cybersecurity Strategies
This study is focusing on the good practices around the set-up and deployment of a governance framework to support the implementation of the NCSS in the EU. The objective is to systematically review existing governance models relevant to the…
DNS Identity
This report provides a view of authentication and verification of domain name owners in the context of domain name registration. It identifies the security challenges, good practices, security controls and associated risks in the domain name…
Architecture model of the transport sector in Smart Cities
The main objective of this study is to model the architecture of the transport sector in SCs and to describe good cyber security practices of IPT operators. The good practices are put into a relationship with different city maturity levels. This…
Threat Landscape of Internet Infrastructure
This study details a list of good practices that aim at securing an Internet infrastructure asset from Important Specific Threats. A gap analysis identifies that some assets remain not covered by current good practices: human resources (…
Analysis of security measures deployed by e-communication providers
The aim of this document is to provide an overview of good practices as regards security measures that are deployed by electronic communication providers in Europe