European Union Agency for Network and Information Security

Building a Stronger Cybersecurity Community: 8th ENISA Industry Event

Wed, 02/19/2020 - 15:00

With the new European Parliament and Commission, and following the conclusion of the legislative process for the new EU Cybersecurity Act, 2020 will be a year that marks important milestones for the EU and the EU Agency for Cybersecurity in particular.

Within this context, however, the primary objective of the ENISA Industry Event 2020 remains unchanged. Through this mechanism, the Agency will continue to inform small and medium sized businesses on recent cybersecurity policy and industrial policy developments and to help them adapt to and make the most of the opportunities offered by these developments. By so doing, ENISA aims to support this stakeholder group by improving the level of cybersecurity throughout the EU, and to encourage collaboration in the development of a more competitive cybersecurity market in parallel.

Steve Purser, Head of Core Operations at ENISA, opened the forum with an explanation of how the role of the Agency has evolved with the coming into force of the Cybersecurity Act (CSA). Particular attention was given to the EU Cybersecurity Certification Framework and the ‘Blueprint’ (cyber crisis coordination and pan-European incident handling). He also used the example of the recent work done at EU level to secure 5G implementations and suggested that this approach might be considered as a template for how the Agency deals with other future technology challenges, such as Artificial Intelligence (AI).

The conference focused on the latest policy developments and how these affect the European Industry landscape.

In the morning session, industry members of the Commission's High Level Expert Group on Artificial Intelligence (AI) and experts from ENISA, the Joint Research Centre and the Fraunhofer Institute gave an overview of the current situation of cybersecurity for AI.

The afternoon session was kicked off by Commission officials presenting the priorities of the new Commission, the cyber-security package, Horizon 2020 funding and cyber-theft of trade secrets. ENISA also shared recent developments since the adoption of the Cybersecurity Act, including a briefing on the state of affairs in cyber-security certification. A panel moderated by the Head of Core Operations of ENISA and composed of lead certification experts from ENISA, BSI, Cloud Security Alliance, BEUC, and the EBF discussed the benefits of EU cyber-security certification schemes.

ENISA will help to empower and mobilise European industry players towards a trusted and secure digital society. It will consolidate the input from its stakeholders and will provide policy makers such as the European Commission and Parliament with its recommendations based on industry’s inputs.

Background

ENISA is celebrating its 8th anniversary since the creation of the Industry Community in 2015. ENISA has been organising its Industry Events in an effort to stimulate the development of the EU network and information security (NIS) industry. The event aims to improve collaboration between ENISA and the private sector, in particular SMEs, which are considered to be the drivers of our digital economy.

Further Information

Event page: ENISA Industry Event 2020

For queries or interviews, please contact press@enisa.europe.eu

 

Stay updated - subscribe to RSS feeds of both ENISA news items & press releases!

News items:

http://www.enisa.europa.eu/media/news-items/news-wires/RSS

PRs:

http://www.enisa.europa.eu/media/press-releases/press-releases/RSS

Telecom Security Authorities meeting in Brussels

Wed, 02/19/2020 - 09:00

The first part of the meeting was open and attended by 150 telecom security experts from the public and the private sector including telecom operators, suppliers, industry associations, national authorities, cybersecurity experts and policy makers.

The second part of the meeting was closed and attended by 50 experts from European telecom security authorities, who extensively discussed legislation and reporting thresholds, amongst other topics.

Programme and speakers

The programme included talks on a wide range of telecom security topics, with speakers from the public and private sector. A short summary of the talks is as follows:

  • Vangelis Ouzounis, EU Agency for Cybersecurity, Warna Munzebrock, Dutch Radiocommunications Agency and chair of the Article 13a group, and Jakub Boratyński, European Commission, gave opening statements to kick off the meeting.
  • Oscar Koeroo, KPN, spoke about the security mix and meeting unknown expectations.
  • Thomas Tschersich, Deutsche Telekom, discussed zero-trust networks.
  • Tanja Lange, Eindhoven University of Technology, spoke about quantum computing and progress in post-quantum cryptography.
  • Julie Ruff, European Commission, gave a presentation about the EU toolbox for 5G cybersecurity.
  • Mikko Karikytö, Ericsson, spoke about 5G Security from the supplier perspective.
  • James Moran, GSMA, outlined the Network Equipment Security Assurance Scheme (NESAS).
  • Bert van den Oord, Royal Netherlands Meteorological Institute, presented the impact of space weather (solar flares, for example) on vital sectors.
  • Lorelien Hoet and Florian Pennings, Microsoft, spoke about Microsoft as a global cloud player in a cybersecurity and telecom environment.
  • Nina Cummins, Facebook, spoke about security reporting under the EECC, the new European telecom rules.
  • Nicolas Mayer, LIST, and Kevin Cassoli, IRIS, presented a new tool for integrated and model-based Article 13a compliance.
  • Benoit Vivier, European Emergency Number Association EENA112, spoke about the evolution of (112) access to emergency services.
  • Marnix Dekker, EU Agency for Cybersecurity, discussed the importance of securing DNS.
  • Fennel Aurora, F-Secure, closed the day with a compelling talk about the importance of privacy in the electronic age.

Day Two

The second part of the meeting was closed and only for experts from telecom regulators and supervisory authorities from 30 EU and EEA/EFTA countries. In this closed part of the meeting, regulatory topics such as the new reporting thresholds for breach reporting under the new telecom security rules (the EECC) and how to update the Article 13a security framework to better fit the new telecom rules were discussed.

Other ENISA events back-to-back

To reduce the amount of air travel for these groups, ENISA organised other meetings back-to-back. Earlier in the week, the Agency hosted the 3rd meeting of national authorities for the security of digital infrastructures under the NIS Directive (TLD, IXP, DNS). At the end of the week, the Agency organised a 5G security seminar for the telecom security authorities to build up technical knowledge on 5G, mobile networks, interconnections and signalling.

Related Telecom Security Work

The new telecom rules will come into force at the end of 2020. The Agency recently published a paper listing the changes in telecom Security Supervision under the European Electronic Communications Code (EECC).

For the interested reader, the statistical data about telecom security 2018 incidents are available in the Telecom security incident reporting - Visual Tool, which allows custom data aggregations and analysis.

In the coming months ENISA will publish the ‘Annual Telecom Security Incident’ report, which aggregates and analyses the major incidents which were reported across Europe in 2019. The previous Annual Report Telecom Security Incidents 2018 showed interesting trends, regarding the size of system failures (decreasing) and the overall impact of natural phenomena (increasing, and for the first time the biggest share).

Background

Over the last 10 years, the EU Agency for Cybersecurity has worked closely with European telecom security authorities to implement Article 13a of the Framework directive, i.e. regarding incident reporting and security requirements for telecom operators. The Article 13a group meets 3 times per year. Once per year we organise a telecom security meeting for a broader audience.

The Article 13a Expert Group was set up 10 years ago by the Agency, under the auspices of the European Commission, to agree on a harmonised implementation of Article 13a of the Telecom Framework Directive, which requires EU countries to supervise the security of telecom networks and services in the EU.

Further Information

Details on the Article 13a Group are available on the Resilience portal - Article 13a 

If you would like to know more, or if you want to join our mailing lists to be kept up to date about our telecom security work or to receive invitations for future telecom security meetings, please contact us via resilience@enisa.europa.eu

For queries or interviews, please contact press@enisa.europe.eu

 


Second Staff Exchange between EU Cybersecurity Organisations

Wed, 02/19/2020 - 08:00

After a successful first edition at Europol in June 2019, the second iteration of the Staff Exchange initiative between the four Parties to the Memorandum of Understanding (MoU) – the European Defence Agency (EDA), CERT-EU, the EU Cybersecurity Agency (ENISA) and Europol’s European Cybercrime Centre (EC3) – took place from 17 to 20 February 2020.

As part of the MoU partners’ Roadmap 2020-2021, this programme seeks to promote a better mutual understanding of respective priorities and practices and to deepen the working relationships across the respective organisations.

Hosted jointly by EDA and CERT-EU in Brussels, the experts focused on strategic developments in cyber defence, trained in threat hunting and met with industry representatives.

Olli Ruutu, EDA Chief Executive (ad interim), said: “The staff exchange is an excellent opportunity to share views and knowledge and further improve our common understanding of the work done by our respective entities. It is also a special moment for thinking outside the box with like-minded colleagues. There is a lot to be taken away from these Staff Exchanges which fully reflect the collaborative spirit of the Memorandum of Understanding we concluded in May 2018 to leverage synergies between our four organisations and promote cooperation on cyber security and cyber defence.”

Saâd Kadhi, Head of CERT-EU, said: “This second Staff Exchange builds on the achievements of the one before. It will continue to improve the mutual understanding and cooperation between our organisations, ultimately leading to better collective cyber defence.”

Juhan Lepassaar, ENISA’s Executive Director, said: “The EU Cybersecurity Agency welcomes the Staff Exchange initiative hosted by EDA and CERT-EU and sees this as a fruitful, knowledge-sharing exercise that fosters increased collaboration between the signatories.”

Fernando Ruiz, Acting Head of Europol’s European Cybercrime Centre, said: “The close cooperation and knowledge sharing between our entities contribute to building a robust European cyber defence. This Staff Exchange initiative, hosted by the European Defence Agency and CERT-EU, will strengthen the capabilities of our experts to effectively tackle the cyber threat and protect EU citizens, businesses and organisations.”

Further information:

Please contact press@enisa.europa.eu

 


The European Cyber Security Challenge encourages young people to pursue a cyber career

Fri, 02/14/2020 - 11:00

The EU Agency for Cybersecurity, ENISA and representatives of the countries participating in the European Cyber Security Challenge (www.ecsc.eu) are meeting in Vienna, Austria to discuss and plan the 2020 edition.

The main topics discussed during this planning conference were:

  • Lessons learned from ECSC 2019
  • Introduction of the new countries joining the competition
  • ECSC2020: Set-up and Infrastructure
  • Public affairs and communications aspects

The outlook for the 2020 ECSC final is very positive with 25 countries expressing interest to participate. A number of new ideas that are expected to enhance the competition will be discussed over the next two days in the meeting at Vienna.

ECSC 2019

The 2019 edition of the European Cyber Security Challenge took place in the Parliament building in Bucharest, Romania, in October 2019. For the first time, teams from 20 countries participated at the final (Austria, Cyprus, Czech Republic, Denmark, Estonia, France, Germany, Greece, Italy, Ireland, Liechtenstein, Luxembourg, Netherlands, Norway, Poland, Portugal, Romania, Spain, Switzerland, United Kingdom).

The participants investigated vulnerabilities in web applications, binaries and document files, solved crypto puzzles and hacked hardware systems. However, technical skills are just one part of the whole story. As time and resources were limited, teamwork and presentation skills were also evaluated. The finalists of ECSC 2019 were the teams from Romania, Italy and Austria.

The next planning meeting will be hosted by ENISA towards the end of June.

Further information:

You can find more information on the ECSC website, www.ecsc.eu, or by watching the ECSC video trailer.

 


Call for Expression of Interest - eHealth Security Experts Group

Wed, 02/12/2020 - 08:00

The EU Agency for Cybersecurity (ENISA) eHealth Security Experts Group is the second iteration of the expert group focusing on the healthcare sector, initially created in 2015. The creation of this Experts Group aims at gathering experts from the healthcare sector to exchange viewpoints and ideas on cybersecurity threats, challenges and solutions, as well as to support ENISA in its work in the sector.

Participants in the eHealth Security Experts Group shall contribute to enhancing the current level of cybersecurity knowledge in healthcare by sharing their expertise on current threats, challenges and solutions. The scope of the ENISA eHealth Security Experts Group covers the entire ecosystem of eHealth systems and services as well as their potential interdependencies with other sectors.

Experts with technical background expertise and direct exposure to one or more of the following are invited to apply:

  • Operators of eHealth systems and services (healthcare organisations, national eHealth service providers etc.) with responsibilities for cybersecurity in their organisations;
  • National competent authorities for eHealth/healthcare services;
  • Manufacturers or integrators of medical devices or healthcare information systems with a focus on cybersecurity;
  • Associations and not-for-profit organisations involved in eHealth security;
  • Relevant authorities, academia, standardisation bodies and policymakers directly involved in the above topics.

Additional information about the eHealth Security Experts Group, as well as a link to the registration form, is available on the eHealth Experts Group's web page.

 


“Stronger Together” Cyber Europe 2020, get involved!

Tue, 02/11/2020 - 08:00

Cyber Europe 2020 is the sixth large-scale pan-European cyber exercise facilitated by the EU Agency for Cybersecurity (ENISA). This year marks 10 years of cybersecurity exercises in Europe, a milestone for this unique initiative.

Keeping Europe safe is a shared responsibility. In this spirit the exercise aims to build cybersecurity capacities, strengthen EU cooperation and increase cybersecurity awareness and preparedness in the healthcare sector.

Participation in the exercise is open; if you are interested in getting involved you can find more information here:

For any question on the Cyber Europe 2020 exercise, please contact: exercises@enisa.europa.eu

Exercise Promotion:

We encourage our partners in the European Union, EFTA members, National Cybersecurity Authorities, private companies, European Commission and other EU bodies and Institutions such as CERT-EU, the European Council and Europol to join efforts on rolling out this one-off communications campaign by sharing, re-tweeting and re-publishing ENISA’s posts. All planners and participants are equally encouraged to post regularly regarding their own participation.

Contact Details:

For any question on the communications and press, please contact press@enisa.europa.eu

 


Cyber Threat Intelligence Community Bonding event

Mon, 02/03/2020 - 16:30

20 speakers participating in the various CTI sessions and a wide audience of 160 participants made this a successful event. Approximately 9 vendors of CTI products participated in the CTI showroom, networking with the event participants.

During the presentations and interactions with participants, it was stressed that CTI is about information collection, contextualisation, analysis and creation of bodies of knowledge. Processes guiding these activities need to undergo a continuous maturity process.

In the EU, historically, some organisational units have started developing these capabilities due to their emerging role and needs. ENISA, CERT EU, DG CONNECT, EEAS, JRC and EDA are such cases, all present in the panel "CTI in European Commission services", opened by the EU Agency for Cybersecurity Executive Director, Juhan Lepassaar.

Their engagement spans most of the CTI areas: operational/tactical (CERT EU), tactical/strategic (ENISA), strategic/policy (Commission), geopolitical (EEAS), defence (Commission, EDA), scientific/hybrid threats capability (JRC). In the meantime, these activities have become mainstream in the daily business of these organisations.

The objective of the conference was to learn from available knowledge and analysis skills, facilitate the exchange of best practices and find synergies with the aim of making approaches coherent. We can together find paths to mutually achieve a higher level of CTI maturity. Initial steps with CERT EU and JRC on the matter were agreed a short time ago.

This is imperative in order to facilitate decision-making and risk management activities at all levels: technical, operational, scientific, policy and diplomacy.

This is a vital contribution to increasing European autonomy in the critical area of CTI and, at the same time, towards the strategic objective of a unified European approach in cybersecurity.

The Network Information Security conference, organised by ENISA and FORTH Hellas Institute, will take place again in the last quarter of the year. Information on this event will become available soon.

 

Further Information:

Event page - 2020 CTI-EU | Bonding EU Cyber Threat Intelligence

 


The EU Agency for Cybersecurity endorses the EU Toolbox for 5G Security

Thu, 01/30/2020 - 14:00

Last year, the EU Agency for Cybersecurity also supported the EU Member States with developing an EU-wide joint risk assessment regarding the 5G roll out, and delivered a 5G threat landscape report, which analyses threats at a more technical level. All three items, i.e. the joint risk assessment, the threat landscape and the toolbox are implementing what was requested by the European Commission in the recommendation on 5G cybersecurity of March of last year.

The EU Toolbox for 5G Security published yesterday was developed by the NIS Cooperation group. This group has representatives from all EU Member States and it was set up under the NIS Directive, for the purpose of strategic EU-wide collaboration on cybersecurity issues.

The NIS Cooperation group is currently chaired by Croatia under the Presidency of the EU Council. 5G cybersecurity is one of several work streams of activities inside the NIS Cooperation group. ENISA supports the group in all the different activities, helping member states with the drafting of guidelines, reference documents with good practices, developing collaboration procedures, exercises, etc. Yesterday, for example, the NIS Cooperation group launched a new work stream on cybersecurity in the health care sector.

The EU Agency for Cybersecurity is looking forward to supporting the European Commission and the EU Member States with the next steps, i.e. the implementation of the toolbox.

 

Further information:

EU Toolbox for 5G Security

European Commission's factsheet about the EU Toolbox for 5G Security

European Commission's press release endorsing the EU Toolbox for 5G Security

European Commission's communication on implementing the EU Toolbox for 5G Security

NIS Cooperation group 

ENISA - threat landscape for 5G Networks

European Commission's recommendation on 5G cybersecurity

 


EU Agency for Cybersecurity and Joint Research Centre discuss cooperation

Wed, 01/22/2020 - 09:15

From the left-side: Georg Peter JRC, Evangelos Ouzounis ENISA, Jean-Pierre Nordvik JRC, Dan Chirondojan JRC, Juhan Lepassaar ENISA, Steve Purser ENISA.

Today, the EU Agency for Cybersecurity held a meeting with representatives of the Joint Research Centre (JRC) to discuss alignment of tasks in the areas of cybersecurity and emerging technologies. We need to build foresight capacities so that both bodies can fulfil their core functions.

Juhan Lepassaar, the Executive Director of the Agency and Steve Purser, Head of Core Operations welcomed the following delegation from the JRC: Dan Chirondojan, Director, Directorate E - Space, Security and Migration, Georg Peter, Head of Unit, Unit E.2, Technology Innovation in Security and Jean-Pierre Nordvik, Unit E.3 - Cyber and Digital Citizens' Security.

The meeting included presentations from the Agency on cybersecurity certification, new technologies and cyber threat intelligence. Other areas of cooperation were discussed including the possibilities of exchanging staff members and the sharing of tools.

The Agency needs to cooperate closely with many partners in the cybersecurity ecosystem and the meeting aims to strengthen our relationship with the JRC.

 

For further queries:

Please contact press@enisa.europa.eu

 


Open platform and tools to facilitate the collaboration among Computer Security Incident Response Teams

Wed, 01/15/2020 - 15:15

Recently, the European Commission has selected a tender for funding under the call “Connecting Europe Facility – Cybersecurity Digital Service Infrastructure Maintenance and Evolution of Core Service Platform Cooperation Mechanism for CSIRTs – MeliCERTes Facility” (SMART 2018/1024).

The winner is a strong consortium stemming from the CSIRTs community. Poland’s national Computer Emergency Response Team (NASK/CERT.pl) will coordinate the work of the consortium supported by four partners, the Austrian Computer Emergency Response Team (nic.at/CERT.at), the Estonian Information System Authority (CERT.EE), the Computer Incident Response Center Luxembourg (CIRCL) and Deloitte. They will work together to further develop and maintain the MeliCERTes platform offering sustainable services and collaboration tools to EU CSIRTs.

Building on the services provided by the initial MeliCERTes platform and now hosted by the EU Cybersecurity Agency, ENISA, the new grant will cover:

  • The implementation of a collection of open source tools used, developed and maintained by the CSIRTs themselves, with the primary goal of providing services for their own constituency.
  • Improvement of the existing foundation as bootstrapped in MeliCERTes into a long-term maintainable and more operationalised platform, meant to support the cooperation efforts within the CSIRTs Network.
  • Apart from maintenance and development of the key components of MeliCERTes, such as MISP and IntelMQ, fresh ideas for tooling will be incorporated during the project, for example vulnerability management and disclosure, large-scale malware storage or leak analysis and detection capabilities.

A special emphasis will be put on ensuring that the needs and requirements of newer CSIRTs will be addressed. The consortium is composed of three members of the CSIRTs Network, which have a proven track record of both building new tooling and maintaining software over the long-term, such as CERT.at, CERT.PL, CIRCL and CERT EE.

This 3-year grant receives funding of 2 million EUR from the EU. It will be carried out in close collaboration with ENISA, the EU Agency for Cybersecurity, which is hosting the central node of the MeliCERTes facility. It builds on the outcomes of SMART 2015/1089, which developed the MeliCERTes core platform.

Cybersecurity in Europe’s industrial sectors and operators of essential services

Support for another important area comes from the CEF call “Cybersecurity digital service infrastructure establishment of a core service platform cooperation mechanism for Information Sharing and Analysis Centres (ISACs) facilities manager” (SMART 2018/1022). The EU has procured 1.5 million EUR for a 3-year grant to assist the establishment and further development of European level sectorial ISACs covering all the sectors and subsectors identified by the NIS Directive (Annex II), such as the energy, finance, healthcare, water distribution, digital infrastructure and transport sectors.

In the selected grant, Capgemini (coordinator) and Intrasoft work together in a consortium supported by the Spark Legal Network, the Netherlands Organisation for applied scientific research (TNO) and the German DFN-CERT Services. The action will include the development of a strategy for the creation of new ISACs in critical sectors, support for their start-up phase through technical and legal assistance, and facilitation of the launch of ISACs on a European level, also building on existing ISACs. The consortium will involve and closely work together with stakeholders from all relevant sectors. In this activity too, ENISA will be a key partner in establishing European level sectorial ISACs.

Today the kick-off meeting for both grants takes place in Brussels.


Further information:

DG CONNECT news article

Calls for tender:

Melicertes 2 (SMART 2018/1024)

ISACs (SMART 2018/1022)

 


The state of Cybersecurity Vulnerabilities 2018-2019

Tue, 01/14/2020 - 07:55

From the left-side: Georgios Psykakos CERT-EU, Marnix Dekker ENISA, Evangelos Ouzounis ENISA, Saad Kadhi CERT-EU, Juhan Lepassaar ENISA, Steve Purser ENISA, Andrea Dufkova ENISA, Cosmin Ciobanu ENISA.

CERT-EU Working Visit

ENISA’s Executive Director, Juhan Lepassaar, and Head of Core Operations, Steve Purser, welcomed the Head of CERT-EU, Saâd Kadhi, to its premises in Athens. CERT-EU plays an important role in effective and efficient response to information security incidents and the mitigation of cyber threats against the European Union institutions, bodies and agencies.

The meeting included an overview of key ENISA and CERT-EU activities, including steps to enhance their bilateral cooperation as foreseen by the Cybersecurity Act, with presentations on the CSIRTs Network, Cyber Threat Intelligence and the EU Blueprint for rapid emergency response in case of large-scale cross-border cyber incidents or crises.

Information exchange and collaboration in joint projects are key priorities for CERT-EU and ENISA underpinned in the Memorandum of Understanding that was signed in May 2018 *.

State of Cybersecurity Vulnerabilities 2018-2019

Coinciding with the CERT-EU visit, the EU Agency for Cybersecurity published a report on the state of vulnerabilities 2018-2019. The report includes valuable contributions from CERT-EU experts as well as other renowned cybersecurity experts. Sharing information on vulnerabilities allows for informed decisions to be made, remedies to be put in place and risks to be evaluated.

The ‘State of Cybersecurity Vulnerabilities’ report published today continues the work that was initially produced in 2016 when ENISA published the first of its kind report covering the topic of vulnerability disclosure. Since then, the vulnerability ecosystem has matured considerably. The positive developments are associated with increased efforts in collecting more accurate and consistent information about vulnerabilities, their severity, associated exploits/attacks as well as potential impact and complexity.

Standardisation of Collected Information

Standardisation plays a key role in the vulnerability information collection process by streamlining threat intelligence sharing and risk management. Generally, the information about vulnerabilities resides in either public or private/commercial databases, therefore it's not unreasonable to assume that there are differences among them, in terms of reliability, accuracy and completeness.

Objectives

The purpose of the report is to provide an insight on both the opportunities and limitations that the vulnerability ecosystem offers. By using the vulnerabilities published during the year of 2018 and Q1-Q2 of 2019 as a vehicle, this report attempts to go beyond the standard exploratory analysis, which is well captured by industry whitepapers and reports, and instead attempts to answer questions related to the reliability, accuracy of the vulnerability sources and the widely accepted evaluation metrics.

The end goal of the report is to help the InfoSec community, public/private organisations and vendors to take informed decisions about patching, prioritisation of security controls and lastly to improve their risk assessment process.

Target audience

  • Information Security community (CSIRTs, Security Operations, other organisations with a stake in cybersecurity),
  • Public and private organisations
  • Research and Academia
  • Vendors

Background

CERT-EU and the EU Agency for Cybersecurity signed a Memorandum of Understanding (MoU) in May 2018 together with Europol and EDA to establish a cooperation framework between their organisations. It focuses on five areas of cooperation, namely Exchange of information; Education & Training; Cyber exercises; Technical cooperation; and Strategic and Administrative matters.

Full report:

ENISA report - State of Vulnerabilities 2018/2019 - Analysis of Events in the life of Vulnerabilities.

For further queries:

Please contact press@enisa.europa.eu

 


Call for expression of interest for an ad hoc Working Group

Thu, 12/19/2019 - 09:00

In response to a European Commission request addressed to the EU Agency for Cybersecurity (ENISA), the Agency announces this call for expression of interest for the selection of the 20-member strong ad hoc working group for the purpose of preparing a candidate cybersecurity certification scheme on Cloud Services.

The candidate cybersecurity certification scheme is envisaged to provide for cybersecurity certification of a broad range of cloud services. The ad hoc working group on cloud services will draw its input from existing schemes and sources, and its first task will be to specify further the scope of the scheme.

The EU Agency for Cybersecurity invites a wide range of stakeholders to express their interest to join this working group. The ad hoc working group on cloud services will include representatives from cloud service providers, cloud service users, providers of value added cloud services, consumer organisations, conformity assessment bodies, scheme owners etc.

The deadline for this call is on 20 January 2020.

Further information on this call, including the terms of reference and an application form, is available through the page Ad-hoc Working Groups calls.

 


2020 CTI-EU | Bonding EU Cyber Threat Intelligence

Tue, 12/17/2019 - 13:00

Just as in previous years (2017, 2018), ENISA is organising the third edition of its bonding event on Cyber Threat Intelligence (CTI). The event is going to take place in the THON-EU Hotel in Brussels on 30th and 31st January 2020.

The event aims at bringing together experts, practitioners, researchers, academia and individuals who are interested in the developments in the area of CTI. CTI EU is a forum for discussing European and international developments in CTI, learning about current trends in CTI, meeting CTI service providers and learning about current CTI offerings, requirements, use cases, tools and practices.

Indicative topics to be covered in this year’s events are:

  • CTI Good Practices and developments
  • CTI Technology (Tools/Services/technologies)
  • CTI in various sectors
  • CTI Data and CTI Metrics
  • Developments in the Threat Landscape
  • Threat intelligence platforms
  • CTI production and consumption with the European Commission and its bodies

European and international speakers will present a number of talks related to CTI. Some examples:

  • "Cyber Threat Intelligence, the Microsoft Way", Tom Finley, Microsoft
  • “Threat Intelligence Orchestration and Automation”, Martin Ohl, McAfee
  • CTI in MISP, (Title and speaker to be announced)
  • “Open Source CTI platform”, ANSSI, (Speaker to be announced)
  • “Technology enablement in the intelligence cycle and the role of TIPs”, Andreas Sfakianakis
  • “Script-kiddies Today, Cybercrime Kingpins Tomorrow: How Malware-as-a-Service Providers Change Your Threat Landscape”, Marco Riccardi, quoscient
  • “Public-Private Partnership in the Fight Against Cybercrime: Cybercrime Landscape in Japan and JC3 Initiatives”, Japan's JC3, (Speaker to be announced)
  • “Cybersecurity and Hybrid Threats: Putting in context incidents and open source intelligence”, Georgios Giannopoulos, JRC
  • "Full Stack Cyber Attack model", Francisco Luis de Andres Perez
  • “Implementation of TIBER-BE”, Dominik Smoniewski, National Bank of Belgium
  • “CTI Data and Metrics - what, where, who, how many? time to take out the garbage”, Jart Armin, SISSDEN BV NL
  • EDA (Title and speaker to be announced)
  • “EU cyber diplomacy toolbox”, EEAS, (Speaker to be announced)
  • CERT EU (Title and speaker to be announced)
  • “CTI: a unified European approach for shared situational awareness and coordinated response”, Ioannis Askoxylakis, DG-CONNECT.

During the event, a panel discussion will take place on CTI production and consumption within the European Commission, focusing on requirements and priorities. Short statements (ca. 5-10 minutes) from EDA, EEAS, CONNECT, CERT-EU and ENISA will cover what kind of CTI they are interested in, what methods they use to produce it, and how this is going to be developed in the future (new Commission, Joint Cybersecurity Unit, Cybersecurity Competence Centres, etc.).

Besides the presentations, this year’s event will showcase demos, tools and approaches in a special room. Attendees will be able to visit the stands of presenting organizations, interact with them and learn about CTI service and tool offerings.

Location

Thon Hotel EU
Address: Rue de la Loi 75, 1040 Bruxelles, Belgium
Phone: +32 2 204 39 11
Thon Hotel EU Website

Event Page

You can find the page of the event from the following link: 2020 CTI-EU Event Page

Registration

Registration is free-of-charge and mandatory. You can register for the workshop via the following link: Registration Form

Privacy statement

You can find the privacy statement from the following link: Privacy statement.

 


Supporting the deployment of the EU Cybersecurity Certification Framework

Tue, 12/10/2019 - 08:00

Dr. Andreas Mitrakas, ENISA

Pursuant to the EU Cybersecurity Act that entered into force on 27th June 2019, ENISA supports and promotes the development and implementation of Union policy on cybersecurity certification of ICT products, services and processes.

This validation workshop on “Supporting the deployment of the EU Cybersecurity Certification Framework” aimed to present the efforts that ENISA has undertaken since the entry into force of the Act and throughout 2019. Presentations included analysis and recommendations as well as input on the response to Commission requests notably on a Common Criteria scheme.

The debate on the various deliverables led to engaging discussions with an expert audience on areas such as handling of vulnerabilities; maintenance of a scheme in Common Criteria; content of a cybersecurity certification scheme; aspects of deployment of a scheme and market buy-in; aspects related to standardisation and the need to align planning certification schemes with the evolution of standards.

Responding to Commission requests, ENISA is currently carrying out work on two different cybersecurity certification schemes, related to Common Criteria and Cloud services.

The workshop met its objective of validating deliverables with stakeholders, and it demonstrated in practical terms the Agency's commitment to accountability and to stakeholders’ involvement in the production of its output. This is an area to be monitored further.

 

Note to editors:

Further information on Cybersecurity Certification can be found here:  Bolstering ENISA in the EU Cybersecurity Certification Framework.

For further queries:

Please contact press@enisa.europa.eu.

 


ENISA proposes Best Practices and Techniques for Pseudonymisation

Tue, 12/03/2019 - 08:00

In the light of the General Data Protection Regulation (GDPR), the challenge of proper application of pseudonymisation to personal data is gradually becoming a highly debated topic in many different communities, ranging from research and academia to justice and law enforcement and to compliance management in several organisations across Europe.

The ENISA ‘Pseudonymisation techniques and best practices report’ discusses, among other things, the parameters that may influence the choice of pseudonymisation techniques in practice, such as data protection, utility, scalability and recovery. It also builds on specific use cases for the pseudonymisation of certain types of identifiers (IP address, email addresses, complex data sets).

One of the main outcomes of the report is that there is no single easy solution to pseudonymisation that works for all approaches in all possible scenarios. On the contrary, it requires a high level of competence in order to apply a robust pseudonymisation process, possibly reducing the threat of discrimination or re-identification attacks, while maintaining the degree of utility necessary for the processing of pseudonymised data.

On 12 November 2019, ENISA in co-operation with the Data Protection Authority of the German Federal State of Schleswig-Holstein (ULD) held a dedicated workshop on “Pseudonymisation and relevant security techniques” that aimed to further discuss and elaborate on the current state-of-the-art and existing experience on this field.

 

Further Information

The ENISA Pseudonymisation techniques and best practices report

The ENISA GDPR & deploying pseudonymisation techniques news

 


Cybersecurity certification: lifting the EU into the cloud

Mon, 12/02/2019 - 08:00

In accordance with article 48(2) of the EU Cybersecurity Act, the European Commission has requested ENISA to prepare a cybersecurity certification candidate scheme for cloud services, taking into account existing and relevant schemes and standards.

Cloud services provide important business opportunities for public administration and businesses. A single European cloud certification is critical for enabling the free flow of non-personal data, which allows for the unrestricted movement of data across borders and information systems within the EU.

The cybersecurity certification of cloud services will bring enhanced trust and legal certainty in the security of cross-border data processing, as acknowledged by the Free Flow of Data Regulation (Regulation (EU) 2018).  Certified cloud services will reinforce the impact of this regulation helping the EU data economy to further contribute to GDP growth.

The Commission has facilitated the work of the Cloud Service Provider Certification (CSPCERT) Working Group in this area. CSPCERT is a private and public stakeholder group, which has worked to provide a recommendation in relation to the security certification of cloud services to ENISA, the European Commission and the Member States, available here: CSPCERT WG - Recommendations for the implementation of the CSP Certification scheme.

A call for expressions of interest for an Ad-Hoc Working Group for Cloud Cybersecurity Certification will be launched in due course and will be posted on the ENISA website.

 

Note to editors:

Further information on Cybersecurity Certification can be found here: Bolstering ENISA in the EU Cybersecurity Certification Framework.

 

For further queries:

Please contact press@enisa.europa.eu

 

 


Cyber agencies assess future cooperation opportunities

Fri, 11/29/2019 - 11:00

The purpose of the meeting was to assess the progress achieved since the 2018 MoU and to plan the future cooperation activities for 2020-2021. The MoU provides a comprehensive cooperative framework through which civil-military synergies can be promoted, ultimately aiming to improve cybersecurity of all stakeholders and support Member States’ cyber defence programmes. 

In 2019, quadrilateral cooperation was further enhanced with various activities, regular exchanges on topical cybersecurity aspects and participation in respective events of interest.

Looking ahead, the collaboration roadmap prepared by the MoU working group envisages concrete activities on cyber training & education and technology development. The updated roadmap sets ambitious objectives for the coming year, effectively taking cooperation to a new level. As part of the cooperation, the four partners are planning to organise a major event in the second part of 2020 and to improve their cooperation along the lines of major cybersecurity policy implementation (notably, the Cybersecurity Act) and the updated Cyber Defence Policy Framework. They also commit to paying additional attention to improving incident response mechanisms and processes, and to increasing joint contributions to high visibility events on Cybersecurity and Cyber Defence.

EDA Chief Executive Jorge Domecq said: “The efforts required by the implementation of the Cyber Defence Policy Framework and, in general, by our contributing Member States in the cyber defence domain are consistently increasing, and require specialised and committed resources. The collaboration enabled by the MoU is a key factor of our efforts to harmonize these efforts, avoid duplication and support Member States in their capability development programmes”.

ENISA Chief Executive Director Juhan Lepassaar said: “I trust this new roadmap will enable the four partners to a closer, more effective collaboration and provide a valuable platform to help the European Union achieve the aims of the EU cyber crisis cooperation Blueprint”.

The Head of Europol's European Cybercrime Centre, Steven Wilson said: "This agreement has paved the road for a number of significant developments in the fight against cybercrime. At Europol's European Cybercrime Centre, we welcome the challenges and opportunities that are to come and continue to believe that we are stronger together in our efforts of securing Europe in the digital age."   

The Head of CERT-EU, Saâd Kadhi, stated: “As an entity with a mission to act as the cybersecurity information exchange and incident response coordination hub for its constituents, cooperation runs through CERT-EU’s veins. This MoU, and the ambitious deliverables we have set ourselves, is truly key to strengthening our collective capabilities and reinforcing the ties between the cyber defence, security and law enforcement communities".



ENISA launches a tool which maps security measures for OES to international standards

Thu, 11/28/2019 - 08:00


The new tool is now available through an online platform dedicated to operators in the sectors of energy, transport, banking, financial market infrastructures, health, drinking water supply & distribution and digital infrastructures. Developed by ENISA, the tool is aimed at Operators of Essential Services, as well as public regulatory authorities of the Member States.

The initiative stems from the NIS directive (EU) 2016/1148, which provides for the establishment of security measures for those operators offering essential services across the EU, in order to achieve a high common level of Security of Network and Information System. 

The specific work stream of the NIS Directive Cooperation Group on security measures for OES enabled the analysis of security requirements in the EU against the most frequently used international information security standards across the defined sectors. The result of this analysis is visible in the tool as it compiles the existing security measures identified.

The tool facilitates the search for security measures and their respective security controls in international standards. It also helps assess their use in the Member States and in various NISD sectors.

  • Operators can use this tool to map their own standards to the proposed security measures, enabling the assessment of their information security practices against the requirements adopted by the Cooperation Group.
  • The Member States can use this tool to identify issues and look for solutions when assessing the security measures of their national OES and possibly identify a mapping to corresponding national security measures of other Member States.


The ENISA ‘Minimum Security Measures for Operators of Essentials Services – Tool’.


Knowledge-building on Cryptography for eIDAS Supervisory Bodies

Wed, 11/27/2019 - 16:30

In total 34 experts from 13 Member States attended the training, which is a part of the Agency’s support for the ENISA Article 19 Expert Group. The ENISA Article 19 group was set up by ENISA in 2015 to bring together experts from supervisory bodies who supervise Article 19 of the eIDAS, i.e. the security requirements for providers of electronic trust services in Europe.

Day one – Cryptography foundations

Day one of the knowledge building was dedicated to the foundations of cryptography and the cryptographic primitives. For this first day, ENISA had contracted the services of Professor Christian Rechberger, crypto researcher at TU Graz IAIK, and his colleague Daniel Kales. They went over cryptographic primitives and the foundations, and discussed new developments in the area of quantum-safe algorithms, as well as new cryptographic protocols such as homomorphic encryption and zero-knowledge proof-systems.

In the afternoon participants did some hands-on work and practical exercises to delve into multiparty computation, discussing threats and use-cases for the new cryptography. 

Day two – Applied cryptography

Day two of the knowledge building was dedicated to the application of cryptography in practice. For this second day ADACOM put together a programme with different teachers and subject matter experts from the University of the Aegean, QMSCERT, Ascertia, Gemalto amongst others.

This second day covered themes including the IT infrastructure and architecture of a qualified Trust Service Provider (TSP), a roadmap for a TSP for complying with eIDAS, audits under eIDAS, from the perspective of the Conformity Assessment Body (CAB), and also more technical topics like remote Qualified Signature Creation Device solutions, remote ID Identification, secure remote on-boarding. In the afternoon participants did a hands-on exercise on two-factor biometric authentication architectures using smartphones and hardware security module One Time Passwords (OTPs).

Further Information:

  • This work has been carried out under Output O.1.2.3 ‘Support incident reporting activities in the EU’ of the 2019 Annual work programme of ENISA.
  • In 2015, ENISA founded the Article 19 Expert Group to bring together experts from supervisory bodies to discuss the technical details of incident reporting and the supervision of the security requirements in Article 19. Article 19 of the eIDAS Regulation requires that trust service providers assess risks, take appropriate security measures, and notify significant security incidents and breaches of integrity to the national supervisory bodies. A representative from RTR Austria chairs the group, ENISA acts as its secretariat, and ENISA supports the group with logistics, collaboration tools, as well as breach reporting tooling and analysis.
  • The ENISA Article 19 Expert Group

 


ENISA organises Maritime Cybersecurity Workshop in Lisbon

Wed, 11/27/2019 - 13:30

Multiple experts representing EU maritime sector stakeholders, such as port authorities, terminal operators, shipping companies and national competent authorities gathered in Lisbon to attend the ENISA Maritime Cybersecurity Workshop. The speaker line-up included presentations from DG CONNECT, DG MOVE and EMSA, as well as speakers from maritime operators, the industry and experts from Information Sharing and Analysis Centres (ISACs).

A significant part of the workshop was dedicated to a discussion on the ENISA ‘Port Cybersecurity - Good practices for cybersecurity in the maritime sector report’, which was published on the same day. Workshop participants exchanged views on the key findings of the report and voiced their opinion on what they would like to see ENISA working on next in the maritime sector.  

The afternoon session focused on the concept of ISACs, including presentations on good practices and lessons learnt from similar initiatives in other sectors. Subsequent discussions focused on the specific needs of the maritime stakeholders for such an information-sharing platform specifically for the EU maritime sector and on how ENISA could support the creation of an EU maritime ISAC.

 

Further information

The ENISA ‘Port Cybersecurity - Good practices for cybersecurity in the maritime sector report’

 

 
