Detect, SHARE, Protect - Solutions for Improving Threat Data Exchange among CERTs
The focus of this report is on the threat and incident information exchange and sharing practices used among CERTs in Europe, especially, but not limited to, national/governmental CERTs.
It aims at:
- Taking stock of existing communication…
Ad-hoc & sensor networking for M2M Communications - Threat Landscape and Good Practice Guide
The ad-hoc and sensor networking Threat Landscape and Good Practice Guide complements the Annual Cyber Security ENISA Threat Landscape (ETL). It provides a deep overview of the current state of security in the ad-hoc and sensor networking for M2M…
ENISA Threat Landscape 2020 - Physical manipulation/ damage/ theft/ loss
The report provides an overview of physical tampering, damage, theft and loss of devices and outlines security practices, trends and findings. It also lists proposed actions for mitigation
Securing Smart Airports
In response to the new emerging threats faced by smart airports, this report provides a guide for airport decision makers (CISOs, CIOs, IT Directors and Head of Operations) and airport information security professionals, but also relevant…
Artificial Intelligence Cybersecurity Challenges
This report presents the Agency's active mapping of the AI cybersecurity ecosystem and its Threat Landscape, realised with the support of the Ad-Hoc Working Group on Artificial Intelligence Cybersecurity. The ENISA AI Threat Landscape not only lays…
Supply Chain Integrity: An overview of the ICT supply chain risks and challenges, and vision for the way forward (2015)
The root of this report is the assertion that Governments, corporations, organizations, and consumers are increasingly reliant on ICT products and services, and thus on the supply chains that deliver them. As a result of this reliance threats to…
European Cybersecurity Month 2022 Campaign Report
The campaign was coupled with the commemoration of the ECSM 10th anniversary in 2022 and focused on two of the most prominent threats:
1. Phishing: so that users may detect and react to the most common attack against individuals.
2. Ransomware: so…
Guidelines for trust service providers - Part 2: Risk assessment
This document covers the following aspects of Trust Service Providers operations:
• Assets: identification, classification and evaluation
• Threats to assets: classification and evaluation
• Vulnerabilities present in the environment
• Probability…
Power Sector Dependency on Time Service: attacks against time sensitive services
This publication describes the threats against energy providers’ services which depend on the availability of precise timing and communication networks. It provides a typical architecture which supports the time measurement service. Then it…