Analysis of ICS-SCADA Cyber Security Maturity Levels in Critical Sectors
This study reveals the current maturity level of ICS-SCADA cyber security in Europe and identifies good practices used by European Member States to improve this area. The first and second part of this study introduces us to the ICS-SCADA cyber…
Secure Use of Cloud Computing in the Finance Sector
In creating this report we analysed input from a number of different sources to better understand the usage of cloud services in the finance sector. Based on the analysis we provide recommendations to financial institutions, regulators and cloud…
Considerations on ICT security certification in EU - Survey Report
Over the last years, ENISA has engaged in a number of activities in pursuit of supporting the Commission and the Member States in identifying a way forward on the certification of ICT security products and services, which on the one hand seeks to…
Trust Services Security Incidents 2019 Annual Analysis Report
This report gives an aggregated overview of Trust Services Security Incidents in 2019, showing root causes, statistics and trends. It marks the fourth round of security incident reporting for the EU’s trust services sector. The annual summary…
Technical Guidelines for the implementation of minimum security measures for Digital Service Providers
ENISA has issued this report to assist Member States and DSPs in providing a common approach regarding the security measures for DSPs. This particular initiative has been achieved by examining current information and network security practices for…
Proactive detection of security incidents II - Honeypots
An increasing number of complex attacks demand improved early warning detection capabilities for CERTs. By having threat intelligence collected without any impact on production infrastructure, CERTs can better defend their constituencies assets.…
Guideline on assessing security measures in the context of Article 3(3) of the Open Internet regulation
This guideline regards the security exceptions in the EU net neutrality rules. It offers a checklist and an evaluation form to help NRAs in deciding whether or not a provider is allowed to take a security measure, for example blocking certain…
ENISA good practices for security of Smart Cars
This report defines good practices for security of smart cars, namely connected and (semi-) autonomous vehicles, providing added-value features in order to enhance car users’ experience and improve car safety. Taking stock of all existing…
The European Cyber Security Challenge: Lessons Learned report
The ECSC is an initiative of multiple European countries supported by the European Union Agency for Network and Information Security (ENISA) that aims at engaging cybersecurity talent across Europe and connecting high potentials.
This report…
Report on Cyber Security Information Sharing in the Energy Sector
The purpose of this report is to understand and learn the development of CSIRTs, ISACs, as well as relevant initiatives on information sharing on cyber security incidents in the energy sector by focusing on the subsectors identified in the NIS…