Compendium of Risk Management Frameworks with Potential Interoperability
This report presents the results of desktop research and the analysis of currently used
cybersecurity Risk Management (RM) frameworks and methodologies with the potential
for interoperability. The identification of the most prominent RM frameworks…
Common practices of EU-level crisis management and applicability to the cyber crises
Despite a number of initiatives within the European Network and Information Security community to establish frameworks and standard operating procedures, the EU-level response to cyber incidents, and in particular these which lead to crisis…
Digital Identity: Leveraging the SSI Concept to Build Trust
The maintenance of continuity in social life, businesses and administration has accelerated the reflection on the possibility of a need for such decentralised electronic identity. This report explores the potential of self-sovereign identity (SSI)…
Post-Quantum Cryptography: Current state and quantum mitigation
This study provides an overview of the current state of affairs on the standardization process of Post-Quantum Cryptography (PQC). It presents the 5 main families of PQ algorithms; viz. code-based, isogeny-based, hash-based, lattice-based and…
Good practices in the implementation of regulatory technical standards
ENISA publishes today ‘Good practices in the implementation of regulatory technical standards’, a study on the implementation of the PSD2 in the 28 Member States of the European Union.
How Cybersecurity Standards Support the Evolving EU Legislative Landscape
The European Union Agency for Cybersecurity (ENISA) joined forces with the European Standards Organisations (ESOs), CEN, CENELEC and ETSI, to organise their 7th annual conference. The hybrid conference focused on "European Standardisation in support…
ENISA publishes a Tool for the Mapping of Dependencies to International Standards
The EU Agency for Cybersecurity publishes a tool to map international security standards to interdependencies’ indicators.
The importance of standards in electronic identification and trust services providers
ENISA publishes a new report on the importance of standards in the area of electronic identification and trust services providers.
ENISA study looks into the adoption of security and privacy standards by SMES
ENISA carried out in 2015 a project with the objective of providing a set of relevant recommendations on how to increase the adoption of information security and privacy standards by SMEs. Additionally, the report identifies and describes…
Cybersecurity Certification: Candidate EUCC Scheme V1.1.1
Following the request from the European Commission in accordance with Article 48.2 of the Cybersecurity Act, ENISA has set up an Ad Hoc Working Group to support the preparation of a candidate EU cybersecurity certification scheme as a successor to…