The EU Agency for Cybersecurity (ENISA) publishes a technical guideline for the security measures of the NIS2 Implementing Regulation to assist digital infrastructures and managed service providers.
Reinforcing trust and security in the area of electronic communications and online services
This study provides an overview of well-established security practices, for the purpose of sketching the notion of “state-of-the-art” in a number of categories of measures, as they are listed in ENISA’s guidelines for SMEs on the security of…
Trust and Reputation Models
Reputation systems are a key success factor of many websites, enabling users and customers to have a better understanding of the information, products and services being provided. However, by using reputation systems, individuals place themselves at…
On the security, privacy and usability of online seals
This report analyses the conditions under which online security and privacy seals (OSPS) can be deployed to support users to make an informed trust decision about Web services and their providers with respect to the provided security and privacy.…
Towards global acceptance of eIDAS audits
The goal of the study is to explore the eIDAS Conformity Assessment Report (CAR), the corresponding audit requirements, gaps arising from comparison with competing audit schemes, and the emergent issues at the core of the global conversation between…
Auditing Framework for TSPs
This report provides an overview of the dedicated means of auditing for TSPs. It discusses specifically the following areas: standards applicable to TSPs and Conformity Assessment Bodies (auditors), methodology of auditing TSPs (off- and on-site),…
Consultation on the draft of the candidate Certification Scheme on Cloud Services (EUCS) - Closed
The European Union Agency for Cybersecurity (ENISA) launched a public consultation from the 22nd December 2020 to the 7th of February 2021 on its first draft of the candidate European Union Cybersecurity Certification Scheme on Cloud Services (…
Digital Identity Standards
This report gives an overview of the most important standards and standardisation organisations in this area. This information is useful for the novice, to find out what is available, but also for more experienced readers who might not be aware of…
Remote Identity Proofing - Attacks & Countermeasures
Remote identity proofing is a crucial element in creating trust for digital services. The present study analyses the collection and validation of evidence provided by the applicant to complete the verification of his or her identity. More…
