Risk Management Studio Tool
The tool Risk Management Studio has been updated on the inventory of RM/RA tools.
Artificial Intelligence Cybersecurity Challenges
This report presents the Agency's active mapping of the AI cybersecurity ecosystem and its Threat Landscape, realised with the support of the Ad-Hoc Working Group on Artificial Intelligence Cybersecurity. The ENISA AI Threat Landscape not only lays…
Situational Report on Microsoft Exchange Vulnerabilities
This ENISA situation report provides an assessment as well as advice and mitigation measures for the MS Exchange vulnerabilities. The threat for the new updates has been assessed as severe and ENISA considers attacks probable and of high risk. The…
Security Framework for Qualified Trust Service Providers
This document proposes a security framework to achieve compliance with Article 19 of the eIDAS Regulation, to which both non-QTSP and QTSP are subject. Nevertheless, Article 19.1 states that the security measures “shall ensure that the level of…
NCSS Good Practice Guide
ENISA published its first National Cyber Security Strategy Good Practice Guide in 2012. Since then, EU Member States and EFTA countries have made great progress in developing and implementing their strategies. This guide is updating the different…
How to achieve the Interoperability of EU Risk Management Frameworks
The European Union Agency for Cybersecurity (ENISA) issues an analysis of the interoperability potential of cybersecurity risk management frameworks and methodologies to improve decision-making.
Emerging and Future Risks: Call for Scenario Proposals
In 2010 ENISA will perform two new assessments of emerging and future risks.
This call for proposal aims to collect scenarios based on emerging technologies and applications and to assess emerging and future risks.
The deadline for proposals…
Securing Personal Data: a risk-based approach
To mark Data Protection Day 2020 on 28 January, the EU Agency for Cybersecurity launches an online platform to assist in the security of personal data processing; this platform implements a risk-based approach to personal data security as a means to…
Cloud Security for Healthcare Services
This study aims to provide Cloud security practices for the healthcare sector and identify security aspects, including relevant data protection aspects, to be taken into account when procuring Cloud services for the healthcare industry. The set of…
Auditing Framework for TSPs
This report provides an overview of the dedicated means of auditing for TSPs. It discusses specifically the following areas: standards applicable to TSPs and Conformity Assessment Bodies (auditors), methodology of auditing TSPs (off- and on-site),…