Given the great influence of artificial intelligence (AI) in people's daily lives due to the key role it plays in digital transformation through its automated decision-making capabilities, ENISA aims to raise awareness of cybersecurity and privacy threats related to various scenarios using...

As a continuation of the ENISA report Cybersecurity Education Initiatives in the EU Member States, ENISA aims to understand the maturity of cybersecurity in primary and secondary education in each MS to further allow the creation of specific material to support cybersecurity education according...

The present report provides anonymised and aggregated information about major telecom security incidents that happened in 2022. Security incident reporting is a hallmark of EU cybersecurity legislation. It is an important enabler of cybersecurity supervision and a support tool for policymaking...

Taking into account the main third-party cybersecurity assessments methodologies for ICT products and cloud services as well as the number of assessment bodies, the report presents the current state of play of cybersecurity assessments based on the past 5 years data. This study aims at analysing...

This study highlights the complexities behind the notion of cyber crisis and the degree of subjectivity it involves. The elevation of a large-scale cyber incident into a cyber crisis relies predominantly on a political decision, and depends largely on the level of risk that EU Member States (MS)...

This report covers the topic of cybersecurity of Low Earth Orbit (LEO) constellations delivering telecommunications services (LEO satcom in short). The key specifics of an LEO satcom system may be summed up as (a) many assets forming the space and ground segments and (b) a worldwide distribution...

This document marks the first report on the state of cybersecurity in the Union, adopted by ENISA in cooperation with the NIS Cooperation Group and the European Commission, in accordance with Article 18 of the Directive (EU) 2022/2555 (hereinafter NIS2). The report aims at providing policy...

The Cyber Crisis Communication Guide is a comprehensive resource designed to help enterprises prepare for and respond to a cyber crisis. The guide provides practical guidance on how to create an internal and external cyber crisis communication plan, assess cybersecurity risks, and evaluate...

This document is the fourth edition of the NIS investments study published by ENISA to understand the impact of the Directive on the Security of Network and Information Systems (NIS Directive)3 on Operators of Essential Services (OES) and Digital Service Providers (DSP). Specifically, the...

The fact that users are the first line of defence in the cybersecurity chain, has rendered the need for cyber awareness-raising imperative and, as a response to that the European Cybersecurity Month 2022 campaign focused on two of the most prominent threats: 1. Phishing: so that users may detect...