This guide complements the existing set of ENISA guides that support Computer Emergency Response Teams. It describes good practices and provides practical information and guidelines for the management of network and information security incidents…
Managed Security Services Market Analysis
This report addresses the market for Managed Security Services (MSS) on both the demand and the supply side. It addresses MSS usage patterns, compliance and skills certification, threats, requirements, incidents and challenges…
Position Paper of the EP3R Task Forces on Incident Management and Mutual Aid Strategies (TF-MASIM)
This document summarises the discussions that happened between April and September 2013 in the EP3R Task Force on Incident Management and Mutual Aid Strategies. The task assigned to this Task Force was to reflect on the potential issues found when a…
EU Managed Security Services Certification to drive the cybersecurity market
Following the request of the European Commission for the development of a candidate certification scheme for Managed Security Services, the EU Agency for Cybersecurity (ENISA) launches a call for expression of interest to participate in the…
Common practices of EU-level crisis management and applicability to the cyber crises
Despite a number of initiatives within the European Network and Information Security community to establish frameworks and standard operating procedures, the EU-level response to cyber incidents, and in particular these which lead to crisis…
New Cyber Blueprint to Scale Up the EU Cybersecurity Crisis Management
The revised Blueprint for cybersecurity crisis management was adopted today by the Council of the EU.
ENISA CSIRT Maturity Framework - Updated and improved
This document presents the updated and improved version of ENISA’s Computer Security Incident Response Teams (CSIRT) Maturity Framework that is intended to contribute to the enhancement of the capacity to manage cyber incidents, with a focus on…
Security Framework for Trust Service Providers
This document proposes a security framework to achieve compliance with Article 19 of the eIDAS Regulation. As illustrated below, this security framework includes specific guidelines for TSP on: 1) Risk management related to the security of the eIDAS…
Best Practices for Cyber Crisis Management
This study highlights the complexities behind the notion of cyber crisis and the degree of subjectivity it involves. The elevation of a large-scale cyber incident into a cyber crisis relies predominantly on a political decision, and depends…
Good practices on the implementation of regulatory technical standards
MS approaches on PSD 2 implementation: commonalities in risk management and incident reporting - The main objective of this study is to identify the differences introduced by Member States in the implementation of the PSD2. In particular, the aim is…