Threat Landscape for Supply Chain Attacks
This report aims at mapping and studying the supply chain attacks that were discovered from January 2020 to early July 2021. Based on the trends and patterns observed, supply chain attacks increased in number and sophistication in the year 2020 and…
Good Practices for Supply Chain Cybersecurity
The report provides an overview of the current supply chain cybersecurity practices followed by essential and important entities in the EU, based on the results of a 2022 ENISA study which focused on investments of cybersecurity budgets among…
Supply Chain Integrity: An overview of the ICT supply chain risks and challenges, and vision for the way forward (2015)
The root of this report is the assertion that Governments, corporations, organizations, and consumers are increasingly reliant on ICT products and services, and thus on the supply chains that deliver them. As a result of this reliance threats to…
Guidelines for Securing the Internet of Things
This ENISA study defines guidelines for securing the supply chain for IoT. ENISA with the input of IoT experts created security guidelines for the whole lifespan: from requirements and design, to end use delivery and maintenance, as well as…
Smart Grid Security Certification in Europe
The report describes the need for harmonised European smart grid certification practices which cover the complete smart grid supply chain, and are supported by a European platform based on M/490 SGAM1 (Smart Grid Architecture Model) and the concept…
Technologies with potential to improve the resilience of the Internet infrastructure
In 2011 ENISA performed the review of its studies on resilient technologies from 2008-2010, complementing the findings of the previous years and investigating the deployment status of technologies enhancing resilience. Initial review of supply chain…
Artificial Intelligence Cybersecurity Challenges
This report presents the Agency's active mapping of the AI cybersecurity ecosystem and its Threat Landscape, realised with the support of the Ad-Hoc Working Group on Artificial Intelligence Cybersecurity. The ENISA AI Threat Landscape not only lays…
EU consistently targeted by diverse yet convergent threat groups
The 2025 ENISA Threat Landscape shows that threat groups are reusing tools and techniques, introducing new attack models, exploiting vulnerabilities and collaborating to target the security and resilience of the EU’s digital infrastructure.
ENISA Threat Landscape 2021
This is the ninth edition of the ENISA Threat Landscape (ETL) report, an annual report that identifies prime threats, major trends observed with respect to threats, threat actors and attack techniques, and also describes relevant mitigation…
Understanding the increase in Supply Chain Security Attacks
The European Union Agency for Cybersecurity mapping on emerging supply chain attacks finds 66% of attacks focus on the supplier’s code.