Given the great influence of artificial intelligence (AI) in people's daily lives due to the key role it plays in digital transformation through its automated decision-making capabilities, ENISA aims to raise awareness of cybersecurity and privacy threats related to various scenarios using...

Cyber Europe is a series of European Union-level cyber incident and crisis management exercises organised by the European Union Agency for Cybersecurity (ENISA), intended for both the public and private sector across the European Union and European Free Trade Association (EFTA) Member States....

Cyber Europe is a series of European Union-level cyber incident and crisis management exercises organised by the European Union Agency for Cybersecurity (ENISA), intended for both the public and private sector across the European Union and European Free Trade Association (EFTA) Member States....

This report aims at providing policy makers with evidence to assess the effectiveness of the existing EU cybersecurity framework specifically through data on how the NIS Directive has influenced cybersecurity investments and overall maturity of organisations in scope. As 2024 is the year of the...

This document marks the first report on the state of cybersecurity in the Union, adopted by ENISA in cooperation with the NIS Cooperation Group and the European Commission, in accordance with Article 18 of the Directive (EU) 2022/2555 (hereinafter NIS2). The report aims at providing policy...

As a continuation of the ENISA report Cybersecurity Education Initiatives in the EU Member States, ENISA aims to understand the maturity of cybersecurity in primary and secondary education in each MS to further allow the creation of specific material to support cybersecurity education according...

Taking into account the main third-party cybersecurity assessments methodologies for ICT products and cloud services as well as the number of assessment bodies, the report presents the current state of play of cybersecurity assessments based on the past 5 years data. This study aims at analysing...

This study highlights the complexities behind the notion of cyber crisis and the degree of subjectivity it involves. The elevation of a large-scale cyber incident into a cyber crisis relies predominantly on a political decision, and depends largely on the level of risk that EU Member States (MS)...

This report covers the topic of cybersecurity of Low Earth Orbit (LEO) constellations delivering telecommunications services (LEO satcom in short). The key specifics of an LEO satcom system may be summed up as (a) many assets forming the space and ground segments and (b) a worldwide distribution...

The Cyber Crisis Communication Guide is a comprehensive resource designed to help enterprises prepare for and respond to a cyber crisis. The guide provides practical guidance on how to create an internal and external cyber crisis communication plan, assess cybersecurity risks, and evaluate...