Cloud Computing Risk Assessment
ENISA, supported by a group of subject matter expert comprising representatives from Industries, Academia and Governmental Organizations, has conducted, in the context of the Emerging and Future Risk Framework project, an risks assessment on cloud…
Annual Report Trust Services Security Incidents 2017
The Annual report Trust Services security incidents 2017 marks the 1st full year of annual reporting about significant security incidents in the EU's trust services sector. The legal framework for this incident reporting process is Article 19 of the…
Challenges of security certification in emerging ICT environments
This report aims to provide decision makers with a thorough description of the security certification status concerning the most impactful equipment in five different critical business sectors. Results of this study should help to improve and…
ENISA Report - Request to ENISA 2019
The following document provides information of requests handled by the Agency pursuant to the ENISA Founding Regulation as contained in the EU Cybersecurity Act (Regulation (EU) 2019/881). The report does not apply to requests that are described…
Cybersecurity Certification Market Study
This study proposes a set of initial methodological steps to work towards a market analysis on cybersecurity certification of ICT products, ICT services and ICT processes. The performance of a market analysis on cybersecurity certification aims to…
Conformity assessment of Trust Service Providers - Technical guidelines on trust services
Through this document, ENISA is supporting both Trust Service Providers and Conformity Assessment
Bodies in the audit activities by presenting the auditing framework. It aims at helping Trust Service
Providers fulfil the requirements defined by the…
Security certification practice in the EU - Information Security Management Systems - A case study
This report aims at providing input for the adoption of a framework on privacy certifications, as well as for eGovernment certification in Europe. There are numerous IT security certification schemes across the European Member States that can serve…
Definition of Cybersecurity - Gaps and overlaps in standardisation
This document analyses the usage of this term by various stakeholders and reviews standardisation activities in the area of Cybersecurity, providing an overview of overlaps and gaps in available standards. It has been written by CSCG and ENISA…
Technical guideline for Incident Reporting
This document describes a framework for security incident reporting based on the requirements set by article 19 of the eIDAS regulation. It is being developed on a consensus basis between the experts of the working group formed by ENISA and it is…
EISAS Basic toolset
This study describes how EU Member States can deploy the European Information Sharing and Alert System (EISAS) framework for its target group comprised of citizens and small & medium enterprises (SMEs). The report highlights the way to reach…