European Union Agency for Network and Information Security

Synopsis of Webinar on Certification of Cloud Services

Thu, 01/21/2021 - 11:00

The purpose of this webinar was to give the opportunity to stakeholders at large to learn about the draft candidate EUCS. Released on 22 December, the draft candidate scheme is open to public consultation until 7 February 2021.

Eric Vétillard, Lead Certification expert of the EU Agency for Cybersecurity (ENISA) introduced the main principles applied to the development of the scheme and answered the questions of the audience.

The presentation included a review of the progress and addressed the main challenges of this ambitious mission. The idea was also to explain the logic behind the choices made to build the draft candidate scheme and to define associated concepts such as:

  • The three assurance levels;
  • The assessment method;
  • Sub-services;
  • The organisation of security controls;
  • The requirements for transparency (available documentation for customers).

The webinar closed with an overview of the next steps of the project as well as anticipated challenges, such as:

  • The enhancement of the present draft considering public feedback;
  • Experimentations based on the draft scheme to test specific requirements or the assessment method;
  • The fine-tuning of the scheme to ensure consistency throughout the development of guidance.

The recording of the webinar, (presentation and Q&A session) is available here below:


The slides presented during the webinar are also publicly available: ENISA Cybersecurity Certification of Cloud Services - Presentation

The current version of the draft candidate cybersecurity certification scheme is open to public consultation until 7 February 2021 while a review by the European Cybersecurity Certification Group (ECCG) and the Stakeholder Cybersecurity Certification Group (SCCG) will also be carried out.

To participate to draft candidate EUCS:

To review the draft scheme, visit: Draft EUCS Candidate Scheme.

To participate in the public consultation, visit: Draft EUCS Candidate Consultation Survey.


For questions related to the press and interviews, please contact press (at)


Stay updated - subscribe to RSS feeds of both ENISA news items & press releases!

News items:


ENISA and eu-LISA – Cooperation for a More Digitally Resilient Europe

Fri, 01/08/2021 - 11:00

Within the priorities of the Portuguese Presidency of the Council of the European Union and the current Recovery Plan for Europe put forward by the European Commission, the words “digital” and “resilience” are prominent and at times used together. When combined they bring to mind IT-related challenges that need to be addressed to ensure a stronger and safer Europe for its citizens. One of the primary concerns is cybersecurity; and, given that this is a topic of common interest to the European Union Agency for Cybersecurity (ENISA) and the European Union Agency for the Operational Management of Large-Scale IT Systems in the Area of Freedom, Security and Justice (eu-LISA), it gives the two Agencies further impetus to work together to face this growing threat.

Earlier today Executive Directors Juhan Lepassaar (ENISA) and Krum Garkov (eu-LISA) signed a multiannual Cooperation Plan. The plan sets out activities that will provide benefits through joint actions to the Agencies themselves and to the EU Member States.

The three-year Cooperation Plan complements the existing regulations applicable to ENISA and eu-LISA, and lays out various actions within complimentary areas that the Agencies can draw benefits from by sharing knowledge, information and expertise. Information Security, Business Continuity, Research, Data Protection and Corporate Quality Management are among the priority areas identified for collaboration.

ENISA Executive Director Juhan Lepassaar said: “Securing our digital future is facilitated by sharing knowledge and expertise. This Cooperation Plan will allow our Agencies to find solutions together.”

"With cybersecurity and digital resilience high on the European agenda for the coming years, it seems fitting to take the opportunity to strengthen our cooperation with ENISA and to boost our common contributions to the goals set for Europe's digital future. There are many areas where our respective consolidated expertise can be put to good use. The EU Cybersecurity Strategy, adopted by the Commission in December, is one of these and the fast changing landscape of cyber threats including the ensuing need to secure common cyber spaces are examples of where we can mutually assist each other. This renewed agreement is the best way to kick-off 2021 and eu-LISA is looking forward to extending its relationship with ENISA." said Krum Garkov, Executive Director of eu-LISA.

It is in the common interest of both Agencies to promote and share activities with their stakeholders and the general public in order to provide increased visibility and further improve awareness of their respective responsibilities and joint successes. For this reason, the Cooperation Plan includes core activity related plans, as well as communication and information sharing as important areas for joint actions.

Further Information:

For questions related to the press and interviews, please contact press (at)


Stay updated - subscribe to RSS feeds of both ENISA news items & press releases!

News items:


Launch of New Ad-hoc Working Group on European Cybersecurity Skills Framework

Fri, 12/18/2020 - 11:00

The creation of the working group on Cybersecurity Skills Framework marks another milestone in the efforts of the European Union Agency for Cybersecurity to address the workforce shortage and skills gap problem.

The cybersecurity workforce shortage and skills gap is a major concern for both economic development and security, especially in the rapid digitisation of the global economy.

The European Cybersecurity Skills Framework project aims to:

  • promote harmonization in the ecosystem of cybersecurity education, training, and workforce development;
  • help in the development of a common European language in the cybersecurity skills context, to reduce the skills shortage;
  • support the digital transformation, by defining the skills needed to fulfil cybersecurity related positions;
  • support the design of cybersecurity related training programmes for skills and career development in order to address the cybersecurity skills shortage.

The Ad Hoc Working Group on the European Cybersecurity Skills Framework is meant to support the development of a Cybersecurity Education and Skills Framework in response to the European Skills Agenda. The working group follows the Pact for Skills engagement and governance model, having input from a number of relevant stakeholders and will assess the challenges in the development of the European Cybersecurity Skills Framework from different perspectives (e.g. academic and industrial perspective).

The purpose of the ad-hoc working group is to:

  • advise ENISA on defining the criteria for a European Cybersecurity Skills Framework;
  • support the analysis of other existing initiative cybersecurity related frameworks with respect to the defined criteria;
  • assist in identifying gaps in already developed European Cybersecurity Skills Framework;
  • assist in conducting a SWOT analysis for an European Cybersecurity Skills Framework;
  • review of related ENISA deliverables;
  • assist in the preparation of the European Skills Framework.

Further Information

ENISA website page - Ad Hoc Working Group on the European Cybersecurity Skills Framework.


For questions related to the press and interviews, please contact press (at)


Stay updated - subscribe to RSS feeds of both ENISA news items & press releases!

News items:


Cybersecurity in the Maritime Sector: ENISA Releases New Guidelines for Navigating Cyber Risk

Thu, 12/17/2020 - 13:00

Today, the European Union Agency for Cybersecurity (ENISA) released cybersecurity guidelines to help European port operators manage cyber risks amid digital transformation and increased regulations. ENISA’s new Guidelines - Cyber Risk Management for Ports was drafted in collaboration with several ports in EU Member States. The publication builds on ENISA’s 2019 Port Cybersecurity Report by providing actionable practices that speak to the current cybersecurity threats and changing digital landscape faced by Europe’s maritime sector.

EU Agency for Cybersecurity Executive Director Juhan Lepassaar stated: “The maritime sector plays a pivotal role in the global supply chain. Advancing digital technologies bring economic benefits to ports, but also introduce new cyber threats. The report provides guidelines and good practices to support them in effectively conducting this cyber risk assessment, which is where many of these operators face challenges.”

The interconnected nature of ports requires operators to achieve and maintain a baseline level of cybersecurity to ensure security across the port ecosystem. The report notes that the EU maritime sector has a fragmented approach to assessing cyber risks.

The report encourages port operators to develop a set of good practices in a means to develop this baseline level of cybersecurity. Practices include to:

  • Identify cyber-related assets and services in a systematic way that includes maintaining an asset inventory, identifying dependencies and deploying automation;
  • Adopt a comprehensive approach for identifying and evaluating cyber risks that includes CTI, risk indicators and business impact analysis, involves all relevant stakeholders and is integrated at an organisational level;
  • Prioritise the implementation of security measures following a risk-based approach that considers security measure effectiveness and pertinence to the identified risks, and is founded in a security-by-design approach;
  • Implement organisation-wide cybersecurity awareness and technical training programmes;
  • Develop a comprehensive cybersecurity programme that involves a commitment by senior management;
  • Conduct a cybersecurity maturity self-assessment to identify priorities for improvement, and budget and resource allocation.


The NIS Directive classifies several categories of port operators as Operators of Essential Services (OES), including port authorities and terminal operators. Cyber risk assessments are among the NIS Directive requirements for these OES. The International Maritime Organisation’s (IMO) International Ship and Port Facility Security (ISPS) code concerns port facilities / terminal operators and provides a framework for conducting security risk assessment, albeit not necessarily specific to cyber risks. The ISPS code is implemented in the EU by Regulation 725/2004; while EU Directive 2005/65 on enhancing port security introduces similar requirements and extends them to ports.

The EU Agency for Cybersecurity supports cybersecurity in Europe’s maritime sector by providing recommendations, supporting the development of regulations, facilitating information exchange and organising awareness-raising events. In 2019, the Agency published its Port Cybersecurity Report with a set of cybersecurity good practices for the maritime sector, and organised two maritime security workshops with the European Maritime Safety Agency (EMSA).

The Agency is currently developing an online tool for cyber risk management for port operators, and will continue its work with EU bodies, such as the EMSA, and Member States to strengthen cybersecurity for the sector.

Further Information

Guidelines - Cyber Risk Management for Ports

Port Cybersecurity Report

Maritime Cybersecurity by ENISA


For questions related to the press and interviews, please contact press (at)


Stay updated - subscribe to RSS feeds of both ENISA news items & press releases!

News items:


Driving the Global Ecosystem of Incident Response Capabilities: New Studies Now Available

Thu, 12/10/2020 - 09:00

The 12th meeting of the CSIRTs Network, held earlier this week, was the opportunity for the European Union Agency for Cybersecurity to introduce the following two new guides dedicated to improving the work of incident response teams:

The event, hosted by the German Presidency of the Council of the European Union, gathered together CSIRTs Network Members (EU Member States’ appointed CSIRTs and CERT-EU ) to discuss operational cooperation capabilities in the EU as defined by the Network and Information Security Directive.

The role of the CSIRTs Network is to provide a forum where the national and sectoral CSIRTs of all Member States and CERT-EU can cooperate, exchange information, and work on how to build trust. They are dedicated to the improvement of the way cross-border incidents are handled and how to respond in a coordinated manner to specific incidents. ENISA provides the secretariat of the CSIRTs Network and actively supports the cooperation between the members of the network and the organisation of their meetings.

What are the studies intended for?

Both studies are intended for incident response teams. The first one was conducted to investigate ways on how to establish and improve teams. The second one focusses on trends in Energy and Air Transport Incident Response (IR) and offers insights on current challenges and gaps.

How to set up CSIRT and SOC - Good Practice Guide

Cybersecurity threats are increasing and becoming more complex. One of the most effective ways to counter these threats is by creating a global ecosystem of computer security incident response teams (CSIRTs) and security operations centres (SOCs).

The purpose of this ecosystem is to facilitate communication, the sharing of information in order to respond to cyber-threats effectively. This can be achieved by providing relevant frameworks while increasing the number of CSIRTs and SOCs around the world and developing the maturity of existing CSIRTs and SOCs.

ENISA is assisting EU Member States with their incident response capabilities by providing them with various resources, such as documents, tools, materials and guidance. More than 40 teams from all over the world contributed to the content of the study.


The study developed on a results-driven approach. It is presented with a structure meant to provide guidance on the different stages of the establishment of a CSIRT or SOC organization. The reader will be guided on what to focus on at each stage of the process such as establishment and improvement.

This publication will be of specific interest to those who intend to establish a CSIRT or SOC. It will also help those looking for guidance on possible improvements according to the different types of CSIRTs and SOCs already created and functioning today. The guide builds on the existing work of ENISA, especially in the areas of maturity and training.

Sectoral CSIRT capabilities - Status and Development in the Energy and the Air Transport sector

Digital infrastructure, Information and Communication Technologies are critical to our societies and economies. Both Energy and Air Transport sectors face considerable threats with potentially disastrous financial and societal consequences. This is why they require solid Incident Response Capabilities (IRC).

Both sectors come with large supply chains and a multiplicity of stakeholders (Public authorities, Regulators, Professional associations, large industries, SMEs, etc.). They have, in recent years, taken steps to structure and strengthen their ability to face cyber threats and to respond to cyber incidents. The creation of ISACs to encourage information-sharing at the sectoral level is an excellent illustration of this evolution.

Context and scope of the study

This publication provides a continuation of the work on Sectoral IRC at European level following the publication of the 2019 “EU Member States incident response development status report”.

By providing an extensive analysis of the recent changes and evolutions of IR capabilities (IRC) within Air Transport and Energy sectors in the Member States, the study aims to increase the understanding and knowledge of IRC development under today’s circumstances. To that effect, the study was conducted in the light of the recent changes related to the Covid-19 pandemic and in the context of the upcoming revision of the NIS Directive.


The study is presented as a snapshot of the current situation in the area. General recommendations are provided around capabilities, regulations and collaboration. In particular, The study highlights a total of eight key findings on topics like establishment and organization of sectorial CSIRTs, specific services and competencies offered by such CSIRTs, tools and information sharing mechanisms used as well as challenges faced.

Further Information

CSIRTs Network website

Topic - CSIRTs Servicies

Topic - CSIRTs and communities


For question related to CSIRT

For questions related to the press and interviews, please contact press (at)


Stay updated - subscribe to RSS feeds of both ENISA news items & press releases!

News items:


Focus on National Cybersecurity Capabilities: New Self-Assessment Framework to Empower EU Member States

Mon, 12/07/2020 - 11:00

Why a capability assessment framework?

Cybersecurity capabilities are the main tools used by EU Member States to achieve the objectives of their National Cybersecurity Strategies. The purpose of the framework is to help Member States build and enhance cybersecurity capabilities by assessing their level of maturity.

The framework will allow EU Member States to:

  • Perform the evaluation of their national cybersecurity capabilities.
  • Increase the maturity level of awareness;
  • Identify areas for improvement;
  • Build new cybersecurity capabilities.

Download the ENISA Report - National Capabilities Assessment Framework

The origins of the concept

Developed with the support of 19 EU Member States, this framework was designed following an extensive exchange of ideas and good practices. The strategic objectives of the national cybersecurity strategies served as a basis of the study.

The framework was developed as part of the mandate of ENISA, as defined in the Cybersecurity Act. It falls under the provision to support EU Member States in building capacities in the area of national cybersecurity strategies through the exchange of good practices.

The key features

The self-assessment framework is composed of 17 objectives structured around 4 clusters. Each of these clusters is associated to a key thematic area for building cybersecurity capacity. Different objectives are also associated to each cluster. Based on 5 levels of maturity, specific questions were devised for each objective.

The clusters are as follows:

  • (I) Cybersecurity governance and standards - This dimension considers aspects of planning to prepare the Member State against cyber-attacks as well standards to protect Member States and digital identity
  • (II) Capacity-building and awareness - This cluster assesses the capacity of the Member States to raise awareness on cybersecurity risks and threats and on how to tackle them. Additionally, this dimension gauges the ability of the country to continuously build cybersecurity capabilities, increase knowledge and skills in the cybersecurity domain.
  • (III) Legal and regulatory - This cluster measures the capacity of the Member States to put in place the necessary legal and regulatory instruments to address cybercrime and also address legal requirements such as incident reporting, privacy matters, CIIP.
  • (IV) Cooperation - This cluster evaluates the cooperation and information sharing between different stakeholder groups at the national and international level.

Target Audience

The report issued is intended for policymakers as well as experts and officials responsible for, or involved in the design, implementation and evaluation of a national cybersecurity strategy and/or of national cybersecurity capabilities.

Further Information

ENISA Topic - National Cybersecurity Strategies

ENISA Report - Good Practice Guide on NCSS

ENISA Report - Good practices in Innovation

NCSS Evaluation Tool

NCSS Interactive Map

Press Contact

For questions related to the press and interviews, please contact press (at)

Stay updated - subscribe to RSS feeds of both ENISA news items & press releases!

News items:


16th Meeting of Article 19 Expert Group: Strengthening Security for e-Trust Services

Fri, 12/04/2020 - 11:00

On the 1st and 2nd  of December, the European Union Agency for Cybersecurity (ENISA) held the 16th meeting of the ENISA Article 19 Expert Group to focus on the security of Europe’s electronic trust services, which include digital signatures, digital certificates, electronic seals, timestamps and more. The expert group’s work focuses mainly on the security of trust services, and the technical details of security incident reporting and cross-border incident reporting between EU Member States.

At the two-day online meeting, 53 experts from eIDAS supervisory bodies, the European Commission and the EU Agency for Cybersecurity exchanged information and good practices on how to supervise security in the trust services sector. Experts discussed trust services security incidents occurring in the past six months, a recent digital signature vulnerability and steps to minimise the impact on trust services. Discussions also covered the security aspects of PDF Advanced Electronic Signatures (PadES), and the registration process and identification of signatories.

The Commission provided an update on the ongoing review of the eIDAS Regulation, which provides an EU framework for trust services and national eID schemes. The EU Agency for Cybersecurity presented its updated CIRAS tool for incident reporting, which facilitates cross-border collaboration on supervision topics. The Agency also presented its upcoming papers on the “Capability Maturity Model for eID Schemes” and on methods to carry out remote identity proofing.

About the ENISA Article 19 Expert Group

In 2015, the EU Agency for Cybersecurity set up the Article 19 Expert Group to support voluntary collaboration between Member States on the technical details of how to implement eIDAS Regulation Article 19, which sets the security requirements for trust service providers. The group meets two times per year, usually back-to-back with bi-annual meetings of the Forum of European Supervisory Authorities for trust service providers (FESA).

Currently chaired by Ulrich Latzenhofer, a representative of the Austrian Regulatory Authority for Broadcasting and Telecommunications (RTR), the expert group consists of more than 80 experts from national authorities of 31 EU, EFTA and EU candidate countries. The group produces technical guidelines on the implementation of the incident reporting under Article 19.

The EU Agency for Cybersecurity supports the expert group with reports, studies and analysis. In 2019, the Agency produced two reports assessing the relevance of specific standards for the implementation of eIDAS, and two reports exploring the harmonisation of security requirements for QTSPs and the technological landscape for eID schemes (see: ENISA News - Earning Trust: ENISA on eID and Trust Services). Every year, the Agency also publishes an annual summary report about major security incidents.


Since 2013, the EU Agency for Cybersecurity has been at the forefront of the developments in eIDAS. The Agency has been supporting the Commission and the Member States in the area of trust services by providing security recommendations for the implementation of trust services; mapping technical and regulatory requirements; promoting the deployment of qualified trust services across Europe, and more. The EU Cybersecurity Act of 2019 has strengthened the Agency’s role is supporting the implementation of eIDAS. 

Further Information

ENISA Incident Reporting webpage

ENISA Article 19 Expert group portal


To learn more about the work of the ENISA Article 19 Expert Group, please contact us via resilience (at)

For press questions and interviews, please contact press (at)



Stay updated - subscribe to RSS feeds of both ENISA news items & press releases!

News items:


ENISA Report Highlights Resilience of Telecom Sector in Facing the Pandemic

Thu, 11/26/2020 - 11:00

Today, at the 32nd meeting of EU telecom security authorities, the European Union Agency for Cybersecurity (ENISA) is releasing its Telecom Security During a Pandemic report, which gives an overview of initiatives and good practices in the telecom sector to mitigate the impact of the pandemic. The report highlights the resiliency of telecom networks and services during the pandemic, which sustained major fluctuations in usage and traffic. The report also points to the need for increased cooperation between the public and private sectors as the role of telecoms expands. 

The COVID-19 pandemic triggered major changes in the use of telecom networks and services: employees are teleworking; students are learning online; people are communicating via video. Almost overnight, the telecoms sector became a lifeline for Europe’s citizens and businesses. The pandemic put the telecom sector to the test with traffic peaks and spikes, combined with a national crisis and difficult working circumstances. Peaks followed major announcements about the pandemic; spikes occurred after news of lockdowns and closures. The diagram below shows the correlation between COVID-19 cases and fluctuations in network traffic on a single timeline. This is an example of one provider in one EU country, but it is representative of what other operators in Europe observed. 

Figure: A schema of the volume of traffic on the telecommunications networks as the pandemic evolved (SourceFastly)

The report is divided in three parts:

  • Early response phase: The report assesses the steps taken by telecom providers in the early response phase when providers activated their business continuity plans and supported emergency communications and communications via public warning systems. 
  • From initial strain to the new normal: Telecom providers had to deal with major surges and shifts in usage and in traffic patterns from the start of the pandemic. Gradually, this stabilised and became “the new normal”. The report examines the changes in usage, traffic patterns and network performance during the pandemic, and provides various examples of how providers managed the increased network loads. 
  • Response by the national authorities and collaboration with the telecom sector: The report provides a brief country-by-country summary of the pandemic response by the national telecom security authorities in the Union. It also highlights examples of industry initiatives, collaboration initiatives and information sharing between providers and authorities.

About the ECASEC Meeting (32nd Meeting of the Article 13a Expert Group)

On the 25th of November, the EU telecom security authorities expert group kicked off a two-day meeting with the European Commission and the EU Agency for Cybersecurity to exchange information and good practices on telecom security. This 32nd meeting focuses on the implementation of the Electronic European Communications Code (EECC), which EU Member States will need to adopt into their telecom regulations before the end of 2020.  

The group is chaired by Warna Munzebrock, the representative of the Agentschap Telecom, the Dutch Radio-communications Agency. Ms Munzebrock opened yesterday’s meeting by welcoming experts from across Europe. The authorities also voted to change the name of the group from the ENISA Article 13a Expert Group to ECASEC (European Competent Authorities for Secure Electronic Communication), due to the upcoming regulatory changes. 

Participants discussed the incident reporting thresholds under the new Electronic European Communications Code (EECC). Experts from the EU Agency for Cybersecurity presented the newly updated CIRAS tool for incident reporting, which includes more support for cross-border collaboration on supervision topics. The group received updates from the Commission on the progress of the NIS Directive review and from BEREC representatives on the work of the ad-hoc 5G cybersecurity workgroup. 

Today, participants will take part in a roundtable discussion about their national legislative developments, telecom security incidents over the past six months, as well as key trends and observations. ENISA will provide an update on the update of the technical guideline on security measures, the supplementary 5G security profile and the results of the ENISA study on Resilience and Security of so-called over-the-top (OTT) communication services. 

About the ECASEC Expert Group (formerly Article 13a Expert Group)

Established in 2010, the group consists of more than 50 experts from national telecom security authorities from 31 EU, EFTA and EU candidate countries, who supervise the security of telecom networks and services. The group produces technical guidelines for European authorities on the implementation of EU telecom security rules and publishes a summary report about major telecom security incidents yearly. The group aims to adopt two technical guidelines on incident reporting and security measures under the EECC before the end of 2020. The next expert group meeting is set to take place in the first quarter of 2021.


To know more about the work of ECASEC, formerly the ENISA Article 13a group, or to join the ENISA telecom security mailing lists, to be up to date about our telecom security work and receive invitations for future telecom security meetings, please contact us via resilience (at)

For questions related to the press and interviews, please contact press (at)

European SMEs facing increased cyber threats in changing digital landscape

Mon, 11/23/2020 - 11:00

On the 17th of November, the European Union Agency for Cybersecurity (ENISA) organised an online workshop for European small and medium-sized enterprises (SMEs) to share their first-hand experience of working towards strengthened resiliency in the face of COVID-19-related cybersecurity challenges. Participants also offered their views on the initial findings from the ENISA Cybersecurity for SMEs report, due out in the coming months.  

Accounting for more than half of Europe’s GDP, SMEs are a key driver of innovation and growth across the Union. Their well-being is vital to both the economy and society. The pandemic has put an incredible stress on these businesses this year. SMEs are not only navigating a new digital realm where employees work from home and business is increasingly conducted online, but they are also facing more advanced and targeted cyber threats.

Dr. Evangelos Ouzounis, Head of the Secure Infrastructure and Services Unit of the EU Agency for Cybersecurity, opened the one-day workshop with a keynote speech about the Agency’s work with SMEs - from publishing guidance on best practices to gathering stakeholders across communities to increase cybersecurity awareness. Dr. Ouzounis introduced Oana-Georgiana Popescu of the Executive Agency for Small and Medium-sized Enterprises (EASME), who discussed the European Innovation Council Accelerator’s community platform, and connection to the research and innovation programme, Horizon Europe (2021-2027).

Moderated by Ms. Popescu, panellists from SMEs with expertise in cybersecurity and information technology discussed current obstacles and their efforts towards increasing cyber resiliency. Brian Honan, founder of Ireland-based BH Consulting, highlighted the dangers of social engineering attacks. Antonio Ramos, CEO of Leet Security in Spain, presented cybersecurity capability building models and security governance. Peter Stelzhammer, co-founder of Austria’s AV Comparatives, offered examples of anti-malware solutions. Piotr Żabrowski of Poland’s discussed cybersecurity in the e-commerce sector.

The event highlighted SME’s increasing need for the right tools to stay ahead of the game and be prepared for cyber threats before they happen. Participants welcomed the work and involvement of the EU Agency for Cybersecurity and expressed a great interest in participating in further SME-targeted initiatives by the Agency.


For nearly 15 years, the EU Agency for Cybersecurity has been pushing forward cybersecurity initiatives to assist SMEs to integrate cybersecurity into their digital environments. Starting in 2006 and 2007, the Agency published two Information Package for SMEs reports, providing risk assessment and management methodologies for SMEs. In 2010, the Agency published the Business Continuity for SMEs report to help facilitate IT knowledge transfer to SMEs. In 2015, the Cloud Security Guide for SMEs report was released to assist SMEs understand the security risks and opportunities regarding cloud services; and two years later, the Agency’s Guidelines for SMEs on the security of personal data processing were published.

This year, the EU Agency for Cybersecurity has released a series of tips to help businesses face the rapidly changing digital sphere during the pandemic: Tips for selecting and using online communication tools; Tips for cybersecurity when buying and selling online; Tips for cybersecurity when working from home; Top ten cyber hygiene tips for SMEs during covid-19 pandemic. Most recently, in November 2020, the EU Agency for Cybersecurity and the National Cyber Security Alliance released a joint checklist for SME, offering businesses on both sides of the Atlantic a basic guide to maintaining digital security.

The upcoming ‘Cybersecurity for SMEs: Challenges and Recommendations’ report is part of the Agency’s wider work to increase the cybersecurity resiliency of SMEs across Europe. The publication is based on a two-month-long public survey in which more than 250 European SMEs identified their main cybersecurity challenges and their level of preparedness to cope with the most common cyber threats.

Press Contact

For questions related to the press and interviews, please contact press (at)


Stay updated - subscribe to RSS feeds of both ENISA news items & press releases!

News items:


Deep Dive into the Connected and Automated Mobility (CAM) Ecosystem: New Report

Fri, 11/20/2020 - 11:00

The Connected and Automated Mobility (CAM) sector is a whole ecosystem of services, operations and infrastructures formed by a wide variety of actors and stakeholders. This ecosystem not only generates transformation in the industries but also considers how to meet the needs of the citizens for safer, cyber secure, increased sustainability, and for easier transportation.

CAM has the potential to change the way society perceives transportation. This sector is meant to highly benefit from digitalisation allowing vehicles to be connected with their surroundings and the drivers. Solving congestion, reducing pollution, decreasing the number of road accidents, and improving access to mobility are the substantial advantages society is intended to enjoy.

In order to achieve such results, however, cybersecurity plays a crucial role in the evolution of the CAM ecosystem.

The increase in connectivity and automation of vehicles and surrounding infrastructures is taking cybersecurity challenges, threats, and risks to a higher level.

The CAM ecosystem requires stakeholders to ensure compliance with cybersecurity standards and the implementation of cybersecurity measures for the safe functioning of the infrastructures involved and for the secure monitoring and delivery of services.

How the EU policy framework comes into play today

In the light of such developments, the European Commission and Member States competent authorities are about to transpose into EU policy the provisions of the regulations of cybersecurity and software updates of the United Nations adopted by the World Forum of Harmonisation of Vehicle Regulations (WP.29) of the UN Economic Commission for Europe (UNECE). Such provisions take into account the needs of all CAM stakeholders. The regulation requires all car manufacturers in the EU to secure connected vehicles against cyberattacks. This regulation is expected to enter into force in Europe from July 2022 and will be mandatory for all new types of vehicle.

What is the report focused on

The report published today provides an in-depth mapping of the key stakeholders and relevant bodies and organisations in the EU. It includes an overview of the relevant critical services, systems and infrastructures part of the CAM cybersecurity ecosystem (see also CAM
systems and infrastructures mapping infographic

The findings complement the key cybersecurity challenges of the CAM stakeholders already identified in the Recommendations for the Security of Connected and Automated Mobility report to be published soon by ENISA.

ENISA Report - Cybersecurity Stocktaking in the CAM

Target audience

The report is intended to support the work of the European Commission and the Member States competent authorities in the transposition of the UN cybersecurity regulation into EU policy.

Decision-makers who are responsible for the protection of security and resilience of the CAM ecosystem at EU level will find in the report the relevant cybersecurity measures and key issues they need to consider to draft their cybersecurity baseline.

The report is also expected to be of particular interest to Operators of Intelligent Transport Systems (OITS), Original Equipment Manufacturers (OEMs), Road Authorities (RA), Smart City Operators and standardisation bodies among others.

Further Information

ENISA is already engaged in the cybersecurity of smart cars and intelligent transport systems and issued publications of existing standardisation, legislative and policy initiatives, as well as good practices and security measures to ensure the security of smart cars against cyber threats.

ENISA Report - Cybersecurity Stocktaking in the CAM

ENISA Tool - Good practices for IoT and Smart Infrastructures - Smart Cars

ENISA Report - Good Pactices for Security of Smart Cars

ENISA Report - Cyber Security and Resilience of Smart Cars

Press Contact

For questions related to the press and interviews, please contact press (at)


Stay updated - subscribe to RSS feeds of both ENISA news items & press releases!

News items:


ENISA’s 48h Hackfest puts Europe’s cybersecurity talent to the test

Thu, 11/19/2020 - 09:00

On the 16-17th of November, the European Union Agency for Cybersecurity (ENISA) organised “ENISA Hackfest 2020”, a Capture the Flag (CTF) event between cybersecurity professionals and students to connect and train the teams participating in the 2021 European Cyber Security Challenge (ECSC). Contestants were challenged on an individual level to solve cybersecurity problems in areas such as web security, mobile security, crypto, reverse engineering and forensics. The Hackfest brought together more than 250 participants from 17 EU and EFTA countries. The event was held in a virtual format.

Now more than ever, there is an increasing demand for IT security professionals with proven skillsets in cybersecurity. In an effort to reduce the widening skills gap, many European countries have launched national cybersecurity competitions for students, university graduates and even non-ICT professionals, which enables them to identify young cyber talent and encourage them to pursue careers in cybersecurity.

About the European Cyber Security Challenge (ECSC)

The ECSC is an initiative by the EU Agency for Cybersecurity and Member States that adds a pan-European layer to the national competitions. The ECSC works to enhance cybersecurity talent across Europe by connecting high-potential individuals with industry leading organisations. The annual event brings together young cyber talent to network and collaborate, compete against each other and meet with organisation representatives. The 6th European Cyber Security Challenge (ECSC) is set to take place next year in Prague, Czech Republic. To learn more, please visit the European Cyber Security Challenge website.


The EU Agency for Cybersecurity is committed to furthering the development of cybersecurity skills and competence across the Union. The Agency has supported the organisation of the ECSC since 2014, and has been the acting secretariat of the ECSC Steering Committee since 2016. The Agency has published the Cybersecurity Skills Development in the EU report, providing the status of the cybersecurity education system, and has created the ENISA Ad Hoc Working Group on the European Cybersecurity Skills Framework. The Agency also maintains a list of cybersecurity academic programmes in Europe (Cybersecurity Higher Education Database) to help match students with education in cybersecurity.

Press Contact

For questions related to the press and interviews, please contact press (at)


Stay updated - subscribe to RSS feeds of both ENISA news items & press releases!

News items:


Healthcare’s Cybersecurity Incident Response Spotlighted at European Security Event

Wed, 11/18/2020 - 10:00

On the 23rd of November, part three of the eHealth Security Conference 2020: Working Together Towards Secure eHeath will kick off with talks about healthcare’s cybersecurity incident response in Europe. The session, Incident Response While in Crisis, will highlight actual events fueled by the COVID-19 pandemic. It will examine how the private and public sectors are supporting the system at EU Member State level, and how information exchange across communities is working to advance the preparedness of healthcare across Europe.

While under normal circumstances healthcare has been a target of cybercrime due to the high value of health data and the criticality of health services, now more than ever it has become a target for malicious actors, who have introduced more advanced phishing campaigns and ransomware attacks since the onset of the pandemic. As Europe’s health system is being pushed to the limit, responding to cyber attacks has become an almost insurmountable challenge to face. The cybersecurity community has come together to raise awareness and offer real solutions to help prepare healthcare providers.


The Danish Health Data Authority and the European Union Agency for Cybersecurity (ENISA) redesigned the eHealth Security Conference this year to focus on three areas of healthcare’s most pressing cyber challenges with deep-dive sessions across three months. The first session held in September focused on cybersecurity in healthcare during the pandemic; and the second session held last month covered cybersecurity for COVID-19 tracing mobile apps.

The final session will be in a virtual format, and will be accessible to the public for live viewing on 23 November at 14:00-16:00 CET here: ENISA YouTube channel.

EU Agency for Cybersecurity Executive Director Juhan Lepassaar will open the session with a keynote speech centred on building up cyber resiliency across Europe’s health system. The two-hour session will review how the system has responded to incidents over the past months and analyse how some of the key lessons learned have been translated into actions to push forward this cyber resiliency.

Security and healthcare experts from the Computer Emergency Response Team for the EU Institutions, Bodies and Agencies (CERT-EU), the Netherlands healthcare CERT (Z-CERT), the Institut Luxembourgeois de Regulation (ILR) and the Danish Healthcare Cyber and Information Security Unit (DCIS) will share recommendations for the technical aspects of incident responses.

Highlights of Session II - “Cybersecurity in COVID-19 Tracing Mobile Apps”

Last month’s session on Cybersecurity in COVID-19 tracing mobile apps found that governments are capable of creating country-scale apps that put privacy and security as the top requirements.

  • Christian D’Cunha, Policy Officer at DG Connect, European Commission opened talks with a keynote about the mid-term appraisal of COVID-19 apps, six months on. He noted that most Member States have launched or are preparing to launch their national apps for contact tracing - indicating a high level of convergence at EU level. He also summarised the activities around the European Federation Gateway Service (EFGS), which will enable encrypted information exchange between national applications.
  • Moderated by Dr. Evangelos Ouzounis, Head of the Secure Infrastructure and Services Unit at the EU Agency for Cybersecurity, session panellists discussed how these apps work to complement physical tracing in a secure manner.
  • Representing the Danish Patient Safety Authority, Birgitte Drewes noted that in Denmark the app was created primarily to complement the physical tracing process and aims to have a fully anonymous functionality, as the data is stored entirely on the device itself.
  • Dr. Dina Truxius of Germany’s Federal Office for Information Security (BSI) discussed how the BSI conducted the entire security assessment and focused on continuously performing testing on the front and the backend.
  • Advisor to the President of Latvia Ieva Ilves presented the Latvian framework, and underlined the importance of raising awareness of the national COVID-19 tracing and warning app.
  • Expert for the Dutch Ministry of Health Dirk-Willem van Gulik highlighted the initial challenges of producing the Dutch app, which is now a fully open source app built up on a decentralised architecture.


The European Union Agency for Cybersecurity has been actively supporting the healthcare sector since 2015. The Agency has published several reports about cybersecurity in healthcare, including Security and Resilience in eHealth Infrastructures and Services, Cybersecurity and Resilience for Smart Hospitals and Procurement Guidelines for Cybersecurity in Hospitals. The EU Agency for Cybersecurity is currently working on a report about cloud cybersecurity in healthcare for January 2021. The report aims to tackle the issue that cloud integration in the EU healthcare sector is still in its infancy by proposing 17 security and data protection measures to ensure cloud security.

The Agency also works in close collaboration with Member State national authorities and healthcare organisations on the implementation of the NIS Directive. During the pandemic, the NIS Cooperation Group focused greatly on the implementation of the NIS Directive in healthcare. Another area in which the Agency collaborates is with the eHealth Network established under the European Commission’s Directorate-General for Health and Food Safety (DG SANTE), which works towards the cross-border exchange of healthcare information and services, and with the Joint Action to Support the eHealth Network (JAseHN). For example, the Agency supported the drafting of cybersecurity guidelines for COVID-19 tracing apps.

Moreover, the EU Agency for Cybersecurity participates in the Medical Device Coordination Group, which produced the guidance on cybersecurity for medical devices in the context of the Medical Devices Regulation under the European Commission's Directorate-General for the Internal Market, Industry, Entrepreneurship & SMEs (DG GROW).

Press Contact

For questions related to the press and interviews, please contact press (at)


Stay updated - subscribe to RSS feeds of both ENISA news items & press releases!

News items:


EU Agency for Cybersecurity launches ISAC in a BOX Toolkit

Mon, 10/26/2020 - 12:00

European legislation, such as the Cybersecurity Act and the NIS Directive (NISD), promotes the creation of European and National Information Sharing and Analysis Centres (ISACs). ISACs are private public partnerships (PPPs) between stakeholders exposed to similar cybersecurity vulnerabilities and threats and they are usually formed by private sector initiative, in particular operators of essential services of the critical sectors. ISACs collect, analyse and disseminate actionable threat information to their members and provide them with tools to mitigate risks and enhance resilience.

ENISA’s task is to support the creation and development of ISACs and advise them to strengthen their cooperation, build trust and exchange information using tools and mechanisms that are beneficial for all parties. ENISA participates and offers advice and expertise in several European initiatives regarding the development of ISACs through:

  • Connecting Europe Facilities (CEF) call for ISACs as a technical advisor;
  • Inter-EU ISAC platform as a facilitator;
  • European Energy (EE) ISAC as a member;
  • European Financial (FI) ISAC as secretariat;
  • European Maritime (EM) ISAC as a member;
  • European Rail (ER) ISAC as a member.

More information can be found in the Infographic – Benefits of an ISAC

Objective and description of the toolkit                                                 

ENISA developed this comprehensive toolkit, following studies on the ISAC concept, to address the need to facilitate community building and collaboration across ISACs. The toolkit aims at providing practical guidance and the means to empower industry to create new ISACs and to further develop already existing ones.             

The main success factors for ISACs are Trust and Sharing. If there is trust, information will be shared and added value will be created - ISAC in a BOX follows the same approach. It is divided in four phases and contains all activities, documents and tools needed to start, develop and evaluate an ISAC. Each phase includes the basic elements that need to be fulfilled to go to the next phase.

  • Build phase: It’s all about setting the goals, participants and purpose for the ISAC; agreeing on the budget and the right cooperation mechanisms.
  • Run phase: Governance is key to share information through meetings and develop trust and building capacities among the ISAC participants.
  • Evaluation phase: Evaluation is an essential part of the ISAC lifecycle which helps to keep it on track, measure its impact and assess its momentum in order to bring it to the next phase.
  • Develop phase: Time for action! This phase focuses on enhancing ISAC’s sophistication, its further development and outreach strategies.

Access the tool via this link:

Further information:

ENISA works on the topic of ISACs since 2009:

Good Practice - Guide on Information Sharing (2009)

Study - incentives and Barriers to Information Sharing (2010)

Study - Effective Collaborative models for ISACs (2018)

Opinion paper - ISAC Cooperation (2019)

Press contact:

For questions related to the press and interviews, please contact


Stay updated - subscribe to RSS feeds of both ENISA news items & press releases!

News items:


eHealth Security Conference on Covid-19 tracing mobile apps this week and key findings from session 1

Mon, 10/19/2020 - 09:00

Together with the Danish Health Data Authority, the European Agency for Cybersecurity (ENISA) organises the eHealth Security Conference online Series on a monthly basis. The 1st edition focused on cybersecurity in healthcare during the COVID19 crisis. The event is available on the ENISA YouTube channel.

The next live session will present views and cybersecurity concerns about Covid-19 tracing mobile Apps on 23rd October 14:00-16:00 CET.

 Key findings of the conference: Cybersecurity in healthcare in times of a pandemic

 Preparedness through cooperation and trust to be further improved;

  • Extra efforts to raise awareness on cybersecurity issues among healthcare professionals to be made;
  • Privacy aspects in relation to eHealth security to be addressed;
  • Explore security options provided by other technologies (such as cloud solutions).
Cybersecurity in eHealth: why does it matter?

The cybersecurity required in hospitals is not different from the cybersecurity required in other sectors. However, the essential difference here lays on the impact it may have on patients’ safety.

In addition to the needs highlighted by our participants, funding has been identified as a key element. It has become obvious that the cost of a cybersecurity incident may be significantly higher than the investment required to prepare against it. It was commonly agreed that hospitals will need extra national funding in order to reach the levels of cybersecurity required to operate securely.

Working together towards secure eHealth: participants contributions

Vibeke van der Sprong, Deputy Director General of the Danish Health Data Authority, introduced the measures applied in Denmark to enhance cooperation and support information sharing. Cyberattacks significantly increased over the last months. The necessity for employees to telework during the pandemic has been an aggravating factor. The authority worked closely with health professionals and launched a digital platform for information exchange. This platform was adjusted to meet the pandemic requirements, showing a flexible approach. An important point is to ensure how to best be prepared, through collaboration and trust, for the Danish healthcare system to quickly and adequately respond to the crisis.

Albert Haro, member of the Agencia de Ciberseguretat de Catalunya commented that the crisis shed a light on essential points to consider, such as:

  • Preparedness to reduce the impact of incidents;
  • Ensure flexibility by using cloud solutions;
  • Consider the privacy aspects in the complex cybersecurity eHealth landscape;
  • Promote awareness to healthcare professionals.

According to Sabina Magalini, from the Fondazione Policlinico Universitario A. Gemelli, the healthcare sector will never be the same after this crisis. Hospitals have avoided reporting cybersecurity incidents in fear of heavy sanctions. With the new era of remote working and life conditions, hospitals will be facing the development of teleworking and the increased need to resort to smart devices to operate. To support the cybersecurity challenges of these developments, the EU issues regulations specifically tailored to the health sector.

Martin Konir, from the Bulovka Hospital, reported that hospitals in the Czech Republic were the targets of heavy attacks during the first wave of the pandemic. However, thanks to the support of the National Authority, these attacks were neutralised. As a consequence of the media coverage of such events, the population is now aware of the issues and can understand the risks better. The situation has therefore created traction to implement stronger cybersecurity measures.

Join the 2nd online session of the eHealth Security Conference Series

The next live session will focus on cybersecurity for the Covid-19 tracing mobile applications and will introduce the EC toolbox. The session will take place on 23rd October 14:00-16:00 CET. The keynote speaker will be Christian D'Cunha from the European Commission, together with the designated panellists:

Join us here

Press Contact

For questions related to the press and interviews, please contact press (at)



Stay updated - subscribe to RSS feeds of both ENISA news items & press releases!

News items:


Measuring ‘Security and Trust’ at the Annual Trust Services Forum

Wed, 10/14/2020 - 11:00

On September 22, the European Union Agency for Cybersecurity (ENISA), in collaboration with the European Commission, delivered the 6th annual Trust Services Forum, which attracted more than 500 participants and brought together trust service providers, conformity assessment bodies, supervisory bodies and experts to discuss the practical and emerging issues under the eIDAS Regulation across Europe. This conference took place on the eve of the 12th annual CA-Day, organised by D-TRUST, in cooperation with TÜViT and ESMT. Both conferences were held in a hybrid format, with physical presence for the panellists at ESMT, in Berlin and virtual presence for the participants.

In the past three years, the Trust Services Forum and CA-Day have taken place back-to-back to offer participants a two-day deep dive into the policy and technical aspects of the implementation of the eIDAS Regulation, which provides the regulatory framework in the European Union for electronic identification and Trust Services for cross-border electronic transactions. This year’s programme was held during the first review of the application of the eIDAS Regulation (eIDAS).

The European Union Agency for Cybersecurity Executive Director Juhan Lepassaar said: The EU Agency for Cybersecurity, ENISA, is moving fast to cover the ground of electronic identity and complement its ongoing support to the European Commission and the Member States in Trust Services. The work of ENISA on e-identity can complement the Commission’s efforts to increase EU citizens’ control over how their data is used, and contribute to a more cyber secure and trusted digital market across Europe.”

With eIDAS, the EU has laid the foundation and legal framework for citizens, businesses and public administrations to safely access services, and carry out transactions online and across borders. eIDAS solutions can create savings for companies and roll out the means for any cross-border activity that requires a secure and trusted environment.

However, the COVID-19 pandemic across the EU has highlighted the security concerns of remote identification and authentication processes. Panellists elaborated on the upcoming revisions of the eIDAS that will aim to improve its effectiveness, extend its application to the private sector and promote trusted digital identities for all EU citizens


The Trust Services Forum acts as a platform for participants to share their good practices on the implementation of trust services; review the standards, implementing acts and technical guidelines within the eIDAS; and discuss strategies to promote the adoption of qualified trust services. The EU Agency for Cybersecurity supports the Commission on the implementation of the eIDAS by providing security recommendations for the implementation of trust services, mapping technical and regulatory requirements, promoting the deployment of qualified trust services in Europe and raising awareness among users on securing their e-transactions. Under the EU Cybersecurity Act of 2019, the Agency gained an extended mandate to explore the area of electronic identification (eIDs) included in the regulation.

About the Trust Services Forum

Event webpage: Trust Services Forum - CA Day 2020

Trust Services Forum Agenda

Trust Services Forum Registration

About ENISA Publications

2019 Annual Report on Trust Services Security Incidents

ENISA Website: Incident Reporting Topic

ENISA Report: Overview of standards relate to eIDAS

ENISA Report: Assessment of ETSI TS 119 403-3 related to eIDAS

ENISA Report: Overview of standards related to eIDAS

ENISA Report: eIDAS compliant eID Solutions

Press Contact

For questions related to the press and interviews, please contact press (at)



Stay updated - subscribe to RSS feeds of both ENISA news items & press releases!

News items:


Cybersecurity exercise boosts preparedness of EU Agencies to respond to cyber incidents

Mon, 10/12/2020 - 11:00

On 8 October, the European Union Agency for Cybersecurity (ENISA), in cooperation with the Computer Emergency Response Team for the EU Institutions, Bodies and Agencies (CERT-EU), the European Centre for Disease Prevention and Control (ECDC) and the European Food Safety Authority (EFSA), produced the first cybersecurity exercise for the ICT Advisory Committee of the EU Agencies and Institutions (ICTAC) to help enhance their cooperation and information sharing in the face of cyber-attacks. The exercise took place during the Committee’s 36th meeting, which was held in a virtual format.

More than fifty representatives from EU Agencies, managers of IT units and Chief Information Security Officers (CISOs), together with observers from the European Commission, participated in this first remote EU tabletop exercise (with the code name ICTAC Ex 2020). They were asked to respond to specific cyber incidents and decide on the optimal response measures. The scenario involved incidents related to defacement, spear phishing campaigns and ransomware.

The ICTAC Exercise is in line with the European Commission’s Blueprint on the prevention, preparedness, response and recovery to large-scale cybersecurity incidents and crises. The exercise was carried out using the Cyber Exercise Platform of the EU Agency for Cybersecurity (ENISA) and tested the CERT-EU’s technical Standard Operational Procedures (SOPs). It also provided valuable lessons on the organisation of such events in virtual format in the future.

More Information

About the European Union Agency for Cybersecurity, visit | @ENISA_EU

About CERT-EU, visit  | @CERTEU

About the European Centre for Disease Prevention and Control, visit | @ECDC_EU

About the European Food Safety Authority, visit |@EFSA_EU

Press Contact

For questions related to the press and interviews, please contact press (at)



Stay updated - subscribe to RSS feeds of both ENISA news items & press releases!

News items:


Highlights on the National Cybersecurity Strategies

Thu, 10/08/2020 - 10:00

The goal of the event was to validate the results of the study for the creation of a national capabilities assessment framework together with the EU Member States and other related stakeholders.

The purpose of the framework is to help Member States perform a self-assessment of their level of maturity. By assessing their National Cybersecurity Strategy objectives both at strategic and at operational level, Member States will be able to possibly enhance existing and build new cybersecurity capabilities. Other benefits include:

  • Identification of elements missing within the strategy;
  • Establish a history of lessons learned;
  • Referencing best practices;
  • Generate credibility and showing transparency for the public, National and international stakeholders and partners.

60 participants coming from academia, EU institutions, National Authorities, Ministries, and CSIRTs attended the online workshop. They were all actively engaged in the assessment and validation of the proposed report, which will be published late this year or early next year.

Members of the Hellenic Ministry of Digital Governance and of the Ministry of Justice and Security in the Netherlands also intervened. Each of them gave a short presentation on the recent NCSS efforts conducted in Greece and in the Netherlands respectively. They also shared the main challenges they face as well as good practices and lessons learned.

The representatives identified the following challenges and lessons learned:

  • Most resources tend to be dedicated to the planning and implementation phase. While obviously important, this may lead to a lack of coordination and organisation in the monitoring and evaluation phase of the strategy.
  • The strategy should provide explicit ownership and accountability for the measures identified to reach the objectives. This is not currently the case.
  • Clarifying relations between objectives, measures, resources and expected outputs of the next national strategy will be essential in order to re-structure the policy theory.
  • Cybersecurity is a domain where information is highly confidential and not easily distributed. This is why it is crucial for EU Member States to have common tools and processes based on the shared experience.

Background on National Cybersecurity Strategies

In line with its strategic objectives, the European Agency for Cybersecurity, (ENISA) supports the efforts of Member States in the area of NCSS by:

  • Supporting cybersecurity as an integral part of national policies through the development of guidelines on the NCSS lifecycle and through analysis of existing strategies to outline good practices. The Good Practice Guide on NCSS published in 2016 is one of them.
  • Supports cutting-edge competencies and capabilities through performing deep dives on specific national strategic objectives, such as the publication on the Good practices in Innovation. This can also be done by developing online tools to support the uptake of lessons learned and good practices. Examples of such tools are the NCSS evaluation tool and the NCSS Interactive Map.
  • Empowering and engaging Member States through community building by maintaining an experts group on NCSS and by fostering cooperation and exchange of good practices between MS. Publications on effective collaborative models for PPPs and ISACs are good examples of such effort.

All Member States have developed a National Cybersecurity Strategy since 2017. Most MS have implemented their strategy while some have already published a 2nd or 3rd version.

Further Information

ENISA Topic - National Cybersecurity Strategies

Press Contact

For questions related to the press and interviews, please contact press (at)

Stay updated - subscribe to RSS feeds of both ENISA news items & press releases!

News items:


Ninth ENISA-EC3 Workshop on CSIRTs-LE Cooperation: standing shoulder-to-shoulder to counter cybercrime

Tue, 09/22/2020 - 09:30

The CSIRTs and LE communities from the EU and EFTA countries, together with representatives from the EU Institutions and Bodies and the Council of Europe, met to discuss ways to effectively cooperate for the purpose of countering cybercrime. The favourable conditions for cybercrime caused by the COVID-19 pandemic have only rendered this meeting even more important. Keeping all stakeholders involved, as stressed by ENISA, has been overwhelmingly accepted in this year’s event, organised by invitation only. As a result of the COVID-19 situation, the CSIRT and LE communities had to coordinate their reactions and respond to the attacks targeting, for instance, the health sector already facing a critical situation because of the pandemic.

During the workshop the participants had also the opportunity to share success stories and bring forward national examples of cooperation and crisis management, as well as initiatives from EU Institutions and bodies. Experts discussed relevant EU policy developments, cooperation frameworks and response mechanisms against cyber threats.

Key Takeaways

Key takeaways of the workshop were that trust is the cornerstone of the CSIRTs and LE cooperation and that the judiciary needs to be involved at an early stage of a response to an attack. The event also highlighted that it is essential to have the legal and policy framework and the necessary tools and procedures in place. Finally, crises offer a unique opportunity to test CSIRTs and LE cooperation and identify gaps.

The 2020 ENISA report on CSIRTs and LE cooperation, expected to be finalised by end of 2020, will be published in the publication section of the ENISA website.

Further Information

For questions related to CSIRTs and LE cooperation, please contact:


Stay updated - subscribe to RSS feeds of both ENISA news items & press releases!

News items:


Leadership from ENISA and FORTH further talks on Cybersecurity Collaboration

Thu, 09/10/2020 - 08:00

On 2 September 2020, an executive delegation from the European Union Agency for Cybersecurity (ENISA) toured the premises of the Foundation for Research and Technology – Hellas (FORTH) in Heraklion, Crete to advance research collaboration in cybersecurity.

EU Agency for Cybersecurity Executive Director Juhan Lepassaar met with FORTH President Prof. Nektarios Tavernarakis and FORTH’s directors to further discuss cooperation and other actions such as the co-organisation of workshops and the annual NIS Summer School.

Mr. Lepassaar toured the foundation’s facilities and was briefed on the activities of the Institute of Computer Science, in particular on the Institute’s work on System and Network Security, and Internet Security. He also visited the Precision Medicine & Genomics Unit, the Ancient DNA infrastructures, the Attosecond Laboratory and the Ambient Intelligence Infrastructures. FORTH’s directors and researchers also shared updates on their work in the field of coastal and marine research, as well as the study and treatment of phenomena and problems due to climate change.

EU Agency for Cybersecurity Executive Director, Mr. Juhan Lepassaar said:  “At the Agency, we are committed to advancing high-quality cybersecurity knowledge and competencies to meet today’s ever-growing demand. The state-of-the-art facilities of FORTH, and their innovative R&D, have made them a key strategic partner. Through events, such as the NIS Summer School, and collaboration on research projects, we will be able to boost awareness and education on cybersecurity more effectively. It is a pleasure to be here today to meet with FORTH leadership and strengthen our cooperation.

FORTH President Prof. Nektarios Tavernarakis stated: "The multi-annual and highly fruitful cooperation between FORTH and ENISA, contributes significantly to the strengthening of cybersecurity, at national and European level. FORTH supports and encourages close cooperation between ENISA and the Foundation's Research Groups, as the interdisciplinary nature of the Network and Information Security sector relates to the priorities of many FORTH Institutes. The significant expertise of the two organisations in technologies that fuel the 4th industrial revolution, such as those of Ambient Intelligence, Big Data Management and Analysis, Internet Security, Privacy, Blockchain and the Internet of Things, will continue to lead to the development of research and educational actions, with the goal of benefiting society."


In order to enhance the cooperation between ENISA and FORTH, a Memorandum of Understanding (MoU) was signed by both parties on 24 September 2018. The Agency and FORTH jointly organise the annual ENISA-FORTH Network and Information Security (NIS) Summer School. The 7th annual event is scheduled for 24-28 May 2020 in Heraklion, Crete.

These actions strengthen the excellent cooperation between the two organisations, which started with the establishment of ENISA in Heraklion in 2004.

Further Information


NIS Summer School

For questions related to the press and interviews, please contact press (at)



Stay updated - subscribe to RSS feeds of both ENISA news items & press releases!

News items:


European Cybersecurity Month: How to Get Involved

Tue, 09/01/2020 - 11:00

The highly anticipated European Cybersecurity Month (ECSM), the EU’s annual campaign in October promoting cybersecurity among citizens and organisations, has opened its doors for people to get involved. The majority of this year’s activities – from conferences and trainings to presentations and knowledge games – have moved online due to the COVID-19 pandemic. Each year, hundreds of activities take place across Europe for the entire month of October to advance online security.

Get Involved

ECSM is an open platform allowing people to join the programme as local event producers. All interested parties can submit their event proposals by visiting the ECSM website (click ‘become an organiser’). Accepted proposals will be listed as ECSM activities on the website’s interactive map of Europe for public access and registration.

The website acts as a ‘hub’ of cybersecurity information. Each participating EU Member State has a dedicated webpage with updated information in the local language. Users can find tips and advice in 23 languages, awareness raising materials, online quizzes, links to events and more. People can also share their ideas and opinions by joining the cybersecurity awareness campaign on Twitter @CyberSecMonth with #CyberSecMonth and #ThinkB4UClick.

Cybersecurity Is A Shared Responsibility

Each year, ECSM organisers bring together people from across Europe to join forces under the slogan ‘Cybersecurity is a Shared Responsibility’ to unite against cyber threats. The ECSM campaign is coordinated by the European Union Agency for Cybersecurity (ENISA) and the European Commission, and supported by the EU Member States and more than 300 partners (governments, universities, think tanks, NGOs, professional associations, private sector businesses) from Europe, and beyond.

EU Agency for Cybersecurity Executive Director Juhan Lepaassar said: “European Cybersecurity Month is one of the EU’s most important campaigns that engages people across our region, and beyond, to better understand cybersecurity and adopt good cyber practices. Boosting knowledge about cybersecurity is not only key to building trust among EU citizens, but it is our shared responsibility.”

ECSM 2020

The outbreak of COVID-19 has brought an immediate change in the way people conduct their daily lives. People have become more reliant on the Internet for communication, education, purchases, business and more. This digitalisation of everyday life brings with it a rise in cyber crime. In this increasingly connected world, there is a need for people to be aware of security risks and have the up-to-date tools to mitigate them. This year’s ECSM campaign has been designed to address these issues.  

Under the motto, ‘Think Before You Click’, ECSM 2020’s programme includes two themes to help people identify and be prepared for cyber threats. The first theme, ‘Digital Skills’, will provide participants with information on e-privacy matters such as personal data protection, cyber bullying and cyber stalking. The second theme, ‘Cyber Scams’, will provide participants with insights into current and potential cyber threats such as phishing, business email compromise and online shopping fraud.


The European Cybersecurity Month first launched in 2012. The campaign is now part of the actions designed to implement the provisions of the EU Cybersecurity Act on awareness raising and education. The Act mandates the EU Agency for Cybersecurity to organise regular outreach campaigns in cooperation with Member States, and EU Institutions, bodies, offices and other agencies. The ECSM is one of the areas in which the Agency assists Member States in their efforts to raise cybersecurity awareness and promote cybersecurity education across the Union.

Further Information:

ECSM website

For questions related to the press and interviews, please contact press (at)