NCSS Good Practice Guide
ENISA published its first National Cyber Security Strategy Good Practice Guide in 2012. Since then, EU Member States and EFTA countries have made great progress in developing and implementing their strategies. This guide is updating the different…
7 Steps to shore up the Border Gateway Protocol (BGP)
In this paper ENISA highlights the security vulnerabilities of BGP and explains why it is so important to address them. Working closely with experts from industry ENISA derived a shortlist of 7 basic BGP security measures which are industry good…
Good practices on the implementation of regulatory technical standards
MS approaches on PSD 2 implementation: commonalities in risk management and incident reporting - The main objective of this study is to identify the differences introduced by Member States in the implementation of the PSD2. In particular, the aim is…
Consult the European Vulnerability Database to enhance your digital security!
The European Union Agency for Cybersecurity (ENISA) has developed the European Vulnerability Database - EUVD as provided for by the NIS2 Directive. The EUVD service, to be maintained by ENISA, is now…
Implementation of Art 15: Security breaches notifications in trust services
The European Commission proposed on July 2012 a draft regulation on electronic identification and trust services for electronic transactions in the internal market, which will replace the existing Electronic Signature Directive 1999/93/EC. Article…
Cybersecurity Stocktaking in the CAM
In this document, the CAM ecosystem and insights involving stakeholder interactions, critical services and infrastructures, standards, as well as security measures are described. The insights gained from the survey, interviews, and desk research…
Annual Incident Reports 2015
For the fifth year, ENISA publishes the annual report about significant outage incidents in the European electronic communications sector, which are reported to ENISA and the European Commission (EC) under Article 13a of the Framework Directive (…
Cyber Incident Reporting in the EU
We summarize different security articles in EU legislation which mandate cyber incidents and cyber security measures. In a single diagram we give an overview of Article 13a and Article 4 of the Telecom package, Article 15 of the proposed eID/eSig…
Communication network dependencies for ICS/SCADA Systems
ENISA is continuing the work on communication network dependencies in industrial infrastructures, focusing in this case on ICS/SCADA systems and networks. The main objective is to provide insight into the communication network interdependencies…
ENISA Smart Grid Security Recommendations
This study makes 10 recommendations to the public and private sector involved in the definition and implementation of smart grids. These recommendations intend to provide useful and practical advice aimed at improving current initiatives, enhancing…