Guidelines for trust service providers - Part 3: Mitigating the impact of security incidents
This document recommends measures to mitigate the impact of security incidents on trust service providers (TSP) by proposing suitable technical and organisational means to handle the security risks posed to the TSP. This is done using a…
ENISA Threat Landscape 2013 - Overview of current and emerging cyber-threats
ENISA releases the 2013's ENISA Threat Landscape (ETL 2013). The ENISA Threat Landscape is a collection of top cyber-threats that have been assessed in the reporting period, ie. end 2012-end 2013.
ENISA has collected over 250 reports regarding…
Countering SIM-Swapping
In this study, we give an overview of how SIM-Swapping attacks work, list measures that providers can take to mitigate the attack and make recommendations for policy makers and authorities in the telecom sector and other sectors. Security of…
Indispensable baseline security requirements for the procurement of secure ICT products and services
This short paper can be of use to suppliers and procurement officers when planning, offering and purchasing ICT products, systems and services. It is meant as a practical, technologically neutral document with clear, simple and sector-agnostic…
Briefing: Quantum Key Distribution
The purpose of this briefing is to give an introduction to the possibilities offered by quantum key distribution (QKD), as well as its limitations and the main issues of disagreement between experts in the field. ENISA Briefings are short…
eID Authentication methods in e-Finance and e-Payment services - Current practices and Recommendations
This report collects the results of a survey launched by ENISA (European Network and Information Security Agency). The main purpose of the survey has been to collect information about the electronic IDentity and Authentication Systems (eIDAS) used…
Cyber Insurance: Recent Advances, Good Practices and Challenges
The aim of the report is to raise awareness for the most impactful market advances, by shortly identifying the most significant cyber insurance developments for the past four years – during 2012 to 2016 – and to capture the good practices and…
Big Data Threat Landscape
This Threat Landscape and Good Practice Guide for Big Data provides an overview of the current state of security in the Big Data area. In particular, it identifies Big Data assets, analyses exposure of these assets to threats, lists threat agents,…
Online Platform for Security of Personal Data Processing
This report presents the focus and main functionalities of the ENISA’s online platform for the security of personal data processing. This platform is only one tool, which cannot replace the need of a greater compliance and accountability…
Artificial Intelligence Cybersecurity Challenges
This report presents the Agency's active mapping of the AI cybersecurity ecosystem and its Threat Landscape, realised with the support of the Ad-Hoc Working Group on Artificial Intelligence Cybersecurity. The ENISA AI Threat Landscape not only lays…