Overview of the practices of ICT Certification Laboratories in Europe
This study seeks to identify and analyse the current landscape of ICT security certification laboratories in EU Member States, comparing them also with third countries practices. The findings of this study will constitute the basis for the Agency’s…
Annual Report Trust Services Security Incidents 2017
The Annual report Trust Services security incidents 2017 marks the 1st full year of annual reporting about significant security incidents in the EU's trust services sector. The legal framework for this incident reporting process is Article 19 of the…
Schemes for auditing security measures
Across society there are now critical services which rely on computers, networks and servers. Protecting the security of this information infrastructure is not easy. Often the information infrastructure is run by several organisations and uses…
Guidelines for SMEs on the security of personal data processing
ENISA undertook a study to support SME’s on how to adopt security measures for the protection of personal data, following a risk-based approach. In particular, the objectives of the study were to facilitate SMEs in understanding the context of the…
ENISA Report - Request to ENISA 2019
The following document provides information of requests handled by the Agency pursuant to the ENISA Founding Regulation as contained in the EU Cybersecurity Act (Regulation (EU) 2019/881). The report does not apply to requests that are described…
Challenges of security certification in emerging ICT environments
This report aims to provide decision makers with a thorough description of the security certification status concerning the most impactful equipment in five different critical business sectors. Results of this study should help to improve and…
Cybersecurity Certification Market Study
This study proposes a set of initial methodological steps to work towards a market analysis on cybersecurity certification of ICT products, ICT services and ICT processes. The performance of a market analysis on cybersecurity certification aims to…
Cloud Computing Risk Assessment
ENISA, supported by a group of subject matter expert comprising representatives from Industries, Academia and Governmental Organizations, has conducted, in the context of the Emerging and Future Risk Framework project, an risks assessment on cloud…
Conformity assessment of Trust Service Providers - Technical guidelines on trust services
Through this document, ENISA is supporting both Trust Service Providers and Conformity Assessment
Bodies in the audit activities by presenting the auditing framework. It aims at helping Trust Service
Providers fulfil the requirements defined by the…
National Cybersecurity Strategies: What’s new in the EU’s national cybersecurity policymaking
The European Union Agency for Cybersecurity (ENISA) unveils the update of the National Cybersecurity Strategies (NCSS) Interactive Map, a dynamic digital platform and tool offering an overview of EU-wide national cybersecurity strategies.