European Union Agency for Network and Information Security

National Liaison Officers meet today at ENISA

Wed, 04/26/2017 - 14:59

During the meeting, NLOs exchanged views with ENISA experts and elaborated on the objectives of the year.

The meeting included discussions on the future role of NLOs following the implementation of the NIS Directive and the new ENISA mandate, as well as updates on upcoming events by ENISA such as the European Cyber Security Month (ECSM), the European Cyber Security Challenge (ECSC), and ENISA’s role in the NIS Directive Co-operation Group and the CSIRTs Network.

National Liaison Officers are the first point of contact of ENISA in the Member States, acting as ‘facilitators’ for ENISA activities within their countries. The Network currently comprises thirty-five members of the EU Member States, EEA countries and the European Institutions.

For more information visit ENISA NLOs Network page.




Stay updated - subscribe to RSS feeds of both ENISA news items & press releases!

News items:


Danish assessment of the cyber threat against Denmark

Fri, 04/21/2017 - 16:46
The report addresses the threat from cyber activities against Danish authorities and private companies. The main threat emanates from state-sponsored cyber espionage and from cyber crime. State and criminal hackers are continuously developing their skills and their attack methods are growing ever more sophisticated.


For the full report: The cyber threat against Denmark


Stay updated - subscribe to RSS feeds of both ENISA news items & press releases!

News items:


'Secure the communications of mail servers'- new factsheet by NCSC

Thu, 04/20/2017 - 15:52

Traditionally, connections between mail servers have hardly been secured. STARTTLS is an extension to provide existing protocols with connection security. If you only use STARTTLS to secure connections between mail servers, this will protect against so-called passive attackers. An active attacker can easily undo the use of STARTTLS. The DANE protocol allows you to verifiably indicate that your server offers a secure connection.

The NCSC recommends enabling STARTTLS and DANE for all your organisation’s incoming and outgoing email traffic.

The National Council Digital Government has decided in September 2016 to include STARTTLS and DANE for email traffic in the list of compulsory open standards. Therefore, it is compulsory for Dutch government bodies to apply these standards when investing in email systems.

The standards STARTTLS and DANE are also part of the initiative 'Secure E-mail Coalition', a partnership of businesses, trade associations and governments. This initiative is aimed at broader adoption of email security and up-to-date standards. This factsheet supports organisations that want to start using these standards.

For more information:



Stay updated - subscribe to RSS feeds of both ENISA news items & press releases!

News items:


ENISA wins award for Excellence in innovation-transformation at EU Ombudsman Award for Good Administration

Fri, 03/31/2017 - 10:08

The Agency’s project on Redefining European cyber cooperation, is a cyber-crisis simulation executed in real-time (over 48 hours) following two years of planning.

This achievement reflects the continuous efforts of ENISA in innovation, creativity and effectiveness in achieving its goals. It also reflects the Agency work towards developing projects that highly impact and involve the Member states and bring added value to the EU.

Launched in October 2016, the initiative aims to highlight efforts and share best practice within the wider administration of Member States, recognising the contribution of staff at an individual and team level.

The project brings together top IT experts from banks, cybersecurity, transport and energy companies from all Member States. Over the project’s lifetime, more than 1000 participants were trained and benefited from the program.

Ninety (90) projects were nominated from EU Institutions, agencies and other bodies. ENISA competed with sixteen (16) projects under the innovation and transformation category.

Cybersecurity is an area which relies upon the cooperation of all involved parties and the exchange of best practices.

The award also reflects the collaboration across all the Member States in their efforts to respond against cyber threats, and is as much theirs to pride. We urge all partners to continue their commitment and hard work together in ensuring cyber excellence, awareness and security across the EU.  

EU Ombudsman press release

Follow updates on #Eoaward @EUombudsman

Find out more about Cyber Europe 2016 organised by ENISA



Stay updated - subscribe to RSS feeds of both ENISA news items & press releases!

News items:


Celebrating #EU60 years of the Treaties of Rome

Thu, 03/23/2017 - 22:00

On March 25th 1957, the Treaties of Rome was signed by the governments of Belgium, France, Germany, Italy, Luxembourg and the Netherlands. The Commission is celebrating the 60th anniversary with a number of events and activities.

European Commission: The main event organised by the Commission will be Citizens' Dialogue with the HRVP Mogherini on 24 March between 12.00 and 13.30 in the Acquario di Roma in central Rome. The Dialogue, to be attended by 250-300 citizens and (mainly) Erasmus students in Rome, will be focused on the options for the future of the EU, and the difference that the EU should make for the future generations.

The Directorate-General for Education and Culture organises a Jean Monnet Seminar "The Future of Europe: a commitment for You(th)" on 23 and 24 March. The Seminar will be attended by around 100 participants, mainly Jean Monnet professors and youth representatives.

The Directorate-General for Communications Networks, Content and Technology (CNECT) organise the Digital Day, a high-level event with five Commissioners and ministers from all Member States, on 23 March. Check the agenda:

In all EU Member States events are being organised by the EC Representations. A list of these events is available on the inter-institutional webpage dedicated to the 60th Anniversary  in the section "Find events in your country".

EU Institutions: Events will be organised also by other EU Institutions. A list of these events is available on the inter-institutional webpage dedicated to the 60th Anniversary  .The Italian Government will host and organise different events to promote the 60th anniversary. A list of such events is available on the website of the Italian department for European Politics.

Furthermore, don’t miss:

  • Video  testimonials about Europe reflecting the diversity of  citizens and languages in all Member States and three EU Delegations (Bangkok, UN-New York, Rabat).
  • GIF competition – EU GIF story: Participants are invited to create a GIF based upon AV Service's archive material, which will depict a series of historical moments in the EU's history. All #EU60 GIFs will ultimately be shared with the Commission's social media and ultimately be hosted on the European Commission's Giphy Profile.  Winners to be announced on 23 March

  • EU60in60: a 60 second time-lapse video clip giving a glimpse of EU history, spanning from today until the signing of the Treaty of Rome. The clip features the main political milestones of EU integration, as well as major social-cultural events over that period. Link to the clip:
  • Documentary  clip  telling the story of the EU's integration since the signing of the      Treaties of Rome.

All above audio-visual material will be hosted and available for download on the European Commission's Audiovisual Service focus page.


Get active on social media -  Share, Update, Tweet!

Share the EU Flag
via Instagram from 25 March! Share pictures, paintings, photos of the EU flag under a common hashtag.  Update profile pictures to one, bearing the EU60 Visual Identity. When tweeting the hashtag #EU60 an EU flag will appear.

Follow        #DigitalDay17

Related material

Inter-institutional  page about the 60th anniversary (available in all EU languages)

European Commission's Audiovisual Service focus page about the 60th anniversary (in EN and FR).

Website of the Italian Government about the 60th anniversary (available in IT, EN and FR)

The European Story – 60 years of shared progress (available in EN)

Europe's future is digital: EU countries to commit in Rome to go deeper and further on digital



Stay updated - subscribe to RSS feeds of both ENISA news items & press releases!

News items:


ENISA at CeBIT: The role of cybersecurity within the new digital environment

Wed, 03/22/2017 - 13:55

image c CeBIT

ENISA participates at this year’s CeBIT event with its own booth for the first time. With its presence the Agency aims to raise awareness on cybersecurity and the work it delivers on key themes such as:

  • The Internet of Things
  • Smart homes
  • Smart cars and smart hospitals
  • Critical infrastructure
  • Blockchain technology and mobile payments
  • Standardisation and certification
  • Trainings
  • privacy and virtualisation
  • And much more

ENISA experts on-site liaised with visitors providing insights on ENISA’s work generating interest and participation.

ENISA’s Head of Core Operations, Dr Steve Purser delivered the keynote address  at the Global Industry Club at CeBIT’s International Cybersecurity Conference taking place in Hannover. Speaking to German industry representatives on ‘Dealing with technology evolution - from policy development to implementation’ Purser gave an overview on:

  • Economic considerations and how cybersecurity can act as an economic enabler
  • How ENISA works with stakeholders to influence policy development. Key focus areas involved the implementation of the NIS requirements, GDPR and data breach reporting and the new eIDAS regulation on security incidents
  • Aligning skill-sets with industry needs, looking into exercises and the cybersecurity challenge
  • Implementation, and specifically on identifying and spreading good practices using SMART approaches as an example
  • Challenges and opportunities within cybersecurity  

The discussion with Purser continued during the day at the panel on ‘New experiences, challenges and changes in some global conditions - how to manage Cyber Security?’  with representatives from the public, academic and industry sector.


Visit ENISA’s booth

To find out more about the Agency’s work on cybersecurity visit  ENISA  at Hall 6 - Stand E16.

Related material by ENISA:

ENISA's work on IoT and Smart Infrastructures including smart homes, smart cities, smart airports, smart cars, smart hospitals and more

ENISA report on blockchain technology and security

Security of Mobile Payments and Digital Wallets

How to protect critical infrastructures

ENISA study on the security aspects of virtualization

Smartphone Development Guidelines

ENISA online training material

Gaps in NIS standardisation

Challenges of security certification in emerging ICT environments

PETs control matrix: A systematic approach for assessing online privacy tools



Stay updated - subscribe to RSS feeds of both ENISA news items & press releases!

News items:


Getting ready for the next European Cyber Security Challenge

Fri, 03/17/2017 - 10:20

The first meeting of the representatives that participate in the European Cyber Security Challenge 2017 (ECSC'2017) took place in Brussels on the 15th and16th March.

A number of topics were addressed during the two days relating to the governance of the ECSC competitions, the lessons learned from ECSC'2016 as well as the planning for the ECSC'2017 final event which will take place in November in Spain.

For further information on the European Cyber Security Challenge please refer to



Stay updated - subscribe to RSS feeds of both ENISA news items & press releases!

News items:


Gaps in NIS standardisation: Mapping the requirements of the NIS Directive to specific standards

Wed, 03/15/2017 - 13:30

The aim of the study is to provide a mapping of the technical requirements of the NIS Directive to existing standards, to identify gaps and overlaps in related standardisation and provide recommendations for the future work in this area.

The report identifies a relatively small number of gaps and areas of overlap in standardisation where there is no clear best practice to be adopted partly due to the diversity of the current standardisation ecosystem. This allows for several recommendations:

a)      It is recommended that the European Commission adopt a standards based framework for the exchange of threat and defensive measure information, that impacts the functioning of Network Information Infrastructure (NII), with the support of the Member States pursuant to the NIS Directive. The capabilities from this framework underscore NII as a Critical Infrastructure of the EU and its Member States and can further act a manual and reference point.

b)     ENISA urges to adopt open standards in threat exchange. This translates into increased interoperability and improved cooperation and information sharing. In this context, the risk analysis and defensive measures capabilities defined in current standards should be extended, to allow Member States to address the Network Information Infrastructure and NIS provisions necessary to mitigate risk both at a national and regional level.

c)      At another level, it will be useful to highlight the similarities between the USA Cybersecurity Act and the NIS Directive and promote possible synergies in the application of standards.

The publication coincides with the announcement of the European Commission’s Rolling Plan for ICT Standardisation, which aims at providing a bridge between EU policies and standardisation activities in the area of ICT.

Full report available online
For more on the subject
and press enquiries please contact  Tel. +302814409576



Stay updated - subscribe to RSS feeds of both ENISA news items & press releases!

News items:


#APF17: Call for Papers

Thu, 03/09/2017 - 10:15

This year’s edition is organised in the light of the implementation of the newly promulgated General Data Protection Regulation (GDPR), and, the recent EC proposal for a Regulation on Privacy and Electronic Communications. Even the best legislative efforts face the challenge of keeping up to speed with the pace of innovative technology and business models that challenge the way personal data is processed and privacy is protected across the EU and beyond; therefore examining what is at stake and where threats thereto originate from becomes of paramount importance.

Get involved to:

  • learn from the professionals in the field
  • participate in a high level debate
  • discover the trends for the future
  • network with key players in privacy and NIS

The call for papers is open until 31th March. To submit your paper please use the conference’s EasyChair page.

Call for papers: At APF 2017, we invite papers presenting original work on the themes of data protection and privacy and their repercussions on technology business, government, law, society, policy and on law enforcement. An inter-disciplinary approach is high in demand to contribute to bridging the gap between research, business models and policy much like proposing new models and interpretations are.

Multidisciplinary papers are particularly welcome, making explicit how the presented work can contribute to bridging the gap between research and policy.

Contributions from policy makers, representatives of competent authorities, such as Data Protection Authorities, industry experts, NGOs and civil society associations are particularly welcome. For detailed information and the aspects with which research and opinion papers should deal with are available at:

Submissions must be written in English, should not succeed 8000 words and, need to comply with the Springer LNCS style guide. Authors must submit their papers by the deadline indicated on the conference web site and follow the requirements stated there. Papers will be published in the proceedings of the conference with a publishing house soon to be selected and announced.

Related material:

  • APF 2016 report
  • Last year in Frankfurt at APF 2016, ENISA and its partners proposed a technology readiness platform for privacy enhancing technologies. A report on the current situation and the roadmap of the ongoing project available online

To receive the latest news and updates sign up for the RSS feeds, follow #APF17  and #PrivacyForum_EU on twitter and the dedicated site

About APF 2017:
ENISA, DG CONNECT, and the Law Faculty of the University of Vienna, Arbeitsgruppe Rechtsinformatikis jointly organise the two-day event with the objective of providing a forum to academia, industry and policy makers.

For information please contact the APF Committee via the following link

For press enquiries please contact,  Tel. 2814 409576



Stay updated - subscribe to RSS feeds of both ENISA news items & press releases!

News items:


ENISA and national supervisory bodies agree reporting scheme on security incidents for European TSPs

Wed, 03/01/2017 - 10:55

ENISA publishes its security incident reporting framework for TSPs (Trusted Service Providers)  in the context of the new European eIDAS regulation.

ENISA supports supervisory bodies with the implementation of national incident notification schemes. The objective of this proposal is to support efficient and harmonized incident notification schemes across the European Union.

 The document is produced in close collaboration with representatives from the European Commission, National supervisory bodies and other competent authorities in the field of trusted services.

The Agency has also developed a tool which enables supervisory bodies to submit their national reports to ENISA and the Commission. For the next year, ENISA will further work on the analysis of the collected data by developing a visualisation tool.


Full report available here

For interviews  and press enquiries please contact , Tel. +30 2814 409576




Stay updated - subscribe to RSS feeds of both ENISA news items & press releases!

News items:


Guidelines on Incident Notification for Digital Service Providers

Tue, 02/28/2017 - 10:42

The EU’s first DSP mandatory incident notification requirements as part of the first EU-wide set of rules on cyber-security, are a major step towards achieving a common level of cyber-security across the Union. ENISA’s comprehensive technical guideline supports stakeholders in addressing mandatory incident notification for Digital Service Providers (DSPs) in the context of the NIS Directive. Based on the requirements of the Directive and valuable input from Member States and DSPs directly impacted by the Directive, this guideline touches the following topics:

  • identifying types of incidents to be reported
  • definitions and clarifications on parameters and thresholds
  • defining substantial incidents
  • description of the incident reporting process and the stakeholders involved
  • cross border sharing of incidents
  •  identification of DSPs

This report represents an outline technical proposal used as input for the discussions regarding the implementation of article 16 of the NIS Directive, concerning mandatory incident notification for DSPs.

The full report is available here

For media and press enquiries please contact, Tel: +30 2814 409576



Stay updated - subscribe to RSS feeds of both ENISA news items & press releases!

News items:


ENISA participates at first formal CSIRT Network Meeting

Thu, 02/23/2017 - 14:35

The CSIRT Network, as defined by the NIS Directive, conducts the first formal CSIRT Network Meeting, organised by the Maltese Presidency in Sliema Malta, on February 22nd and 23rd . ENISA along with representatives from the European CSIRT Community, CERT-EU and the European Commission:

  • Presented  work relevant to the group capabilities and betterment of these
  • Adopted the Terms or Reference and Rules of Procedures that define the group

Among others, the CSIRT Network adopted the short term goals that will be taking place in the next 18 months, and formed the Working Groups for the execution of these.

 More about the meeting available here.




Stay updated - subscribe to RSS feeds of both ENISA news items & press releases!

News items:


Security Measures for Digital Service Providers

Thu, 02/16/2017 - 13:55

ENISA issues this report to assist Member States and DSPs in providing a common approach on the security measures for DSPs. The study describes the high-level security objectives by providing security measures and examples of implementation concerning DSPs and in particular:

  • Cloud computing service providers
  • Online marketplaces
  • Online search engines

With this study ENISA tries to:

  • Define common baseline security objectives for Digital Service Providers (DSPs). 
  • Describe different levels of sophistication of security measures which fulfil the abovementioned security objectives
  • Map the security objectives against well-known industry standards, national frameworks and certification schemes.

The report together with other relevant technical standards have been used as input to the discussions on the implementation of article 16(1) of the NIS Directive concerning the security measures of the DSPs.

The NIS Directive aims to develop cybersecurity capabilities across EU Member States. Commonly defined security measures can support harmonised security practices across Member States and potentially enhance the overall level of NIS in the EU.

Full report available online

For interviews and press enquiries please contact Tel +302814409576

Stay updated - subscribe to RSS feeds of both ENISA news items & press releases!

News items:


ENISA study on the security aspects of virtualization

Fri, 02/10/2017 - 13:32

The final objective is to provide the basis to understand the main issues and challenges related to the security in virtualization, and provide a look at common best practices to implement a secure virtualised environment.

Virtualization, is referred to as the set of activities aimed to create a virtual version of real components including, computer-hardware platforms, operating systems, storage, and networking. It is present nowadays at the basis of server and desktop infrastructures, cloud computing, networking, and containerization.

Virtualized environments are pervasively adopted and therefore increasingly becoming targets of cyber-attacks. More and more elaborated and specialized attacks are currently devised to exploit vulnerabilities and weaknesses at the virtualization layer. The recent and widespread adoption of virtualization technologies has changed the traditional view of ICT, as virtualization can provide a dramatic increase in the efficiency and effectiveness of complex organizations and communities. It is also expected to constitute an important technological pillar of a thriving data-driven economy and the European single digital market.

However, virtualization technologies bear a number of different security risks, some of them shared with traditional computing environments including issues affecting operating systems, communication protocols, and applications, which can be even exacerbated by the presence of virtualized components, producing a greater security impact.  On the other side, virtualization also introduces a number of specific security issues requiring ad hoc solutions.

Full report
 is available online

For interviews and press enquiries please contact Tel. +30 2814409576



Stay updated - subscribe to RSS feeds of both ENISA news items & press releases!

News items:


ENISA issues Smartphone Development Guidelines

Fri, 02/10/2017 - 08:42

The document is written for developers of smartphone applications as a guide for developing secure mobile applications and defending against mobile attacks.

Every day, new applications are built for different mobile platforms, bringing along also new attacks.

Poorly built applications could lead to a data theft and/or financial loss[1] . To secure end users, and to ensure safe and secure communications, security of mobile applications is one key priority for mobile application developers.

Following the success of the first edition of the Smartphone Development Guidelines, ENISA publishes an update to the document, and adds new sections to address recent developments, such as the use of biometric sensors, application integrity, and client side injections.  The guidelines aim to cover the entire spectrum of attacks which developers of smartphone applications should consider when building mobile apps. These include:

  • Identify and protect sensitive data
  • User authentication, authorization and session management
  • Handle authentication and authorization factors securely on the device
  • Ensure sensitive data protection in transit
  • Secure the backend services and the platform server and APIs
  • Secure data integration with third party code
  • Consent and privacy protection
  • Protect paid resources
  • Secure software distribution
  • Handle runtime code interpretation

In addition, new sections have been added to cover new attacks, abusing biometrics and clients:

  • Device and application integrity
  • Protection from client side injections
  • Correct usage of biometric sensors


Full report is available online

For interviews and press enquiries please contact Tel. +30 2814409576




Stay updated - subscribe to RSS feeds of both ENISA news items & press releases!

News items:


Analysis of security measures deployed by e-communication providers

Thu, 02/09/2017 - 12:32

This document focuses on the security measures providers have deployed to protect networks for the provision of services, and equally important, for the personal and operational data of their customers. The report is targeted primarily at e-communication providers, and at a second level, to National Regulatory Authorities as members of ENISA’s Article 13a Experts Group.

Most of the providers, report a very good level of using ENISA recommendations on security requirements, while virtually all providers have deployed a good level of basic security controls. In some security domains, the level of maturity reported, is high as well as the sophistication of implemented controls.

It is important that providers of electronic communications take the appropriate measures to address major security concerns. A key conclusion seems to be that while all IT security basics are covered, the achievement of the next level of maturity is impeded mostly by lack of sustainability mechanisms, i.e. repeatable processes and the regularly maintained documentation.

The main recommendation for the providers - based on the reported deployment of security measures - is to pay additional attention to sustainability and efficiency. This is best achieved by the adoption of Service Management frameworks and creating a series of processes that include measurement and periodic reviews of security controls and capabilities in all domains.

Full report is available here

For interviews and press enquiries please contact  Tel.+30 2814 409576



Stay updated - subscribe to RSS feeds of both ENISA news items & press releases!

News items:


#SaferInternetDay: Be the change - Unite for a better internet

Tue, 02/07/2017 - 11:35

Find out what is happening in your country by checking Safer Internet Day website.

Follow the activities on twitter #SID2017 #SaferInternetDay

For online resources visit and check the European Commission's activities on Better Internet for Kids and Information by the EC.


Furthermore, on the occasion of the day, ENISA issues its new studies on privacy and security in personal data clouds, cyber hygiene practices and a report on the deployment of the 2016 European Cyber Security Month. To find out more in specific areas of interest go through ENISA’s reports and training material.



Privacy and Security in Personal Data Clouds

Under its 2016 work programme, a new study on privacy and security in Personal Data Clouds, also known as Personal Data Vaults or Personal Data Stores, aims to identify the different architectures and components of PDCs and lay out their privacy and security challenges.

Personal data clouds (PDCs) aim to provide end-users the typical data collection and storage capabilities of data management systems, and also to help end-users regain control over their data. PDCs are ideally embedded by privacy-enhancing elements allowing users to determine on their own how they want their data to be managed - in and outside of the solution - and with whom these should be shared.

The study presents a “state of the art” analysis of the security and privacy features of PDCs based on an empirical analysis of various applications that fall under or are close to the definition of PDCs. The report assesses to what extent current PDC solutions - either available on the market or in a research and development phase - are supported by functionalities that enhance the level of security and privacy offered, by enabling  users to take decisions over their data and, ideally, apply them (user centric model). Given that mobile health applications have been gaining considerable attention nowadays, the study particularly identifies privacy-enhancing features adopted by certain PDCs in the health sector.

For the full report


Cyber hygiene practices

Cyber hygiene is a fundamental principle relating to information security and, as the analogy with personal hygiene shows, is the equivalent of establishing simple routine measures to minimise the risks from cyber threats, specifically for SME’s. Good cyber hygiene practices can drive increased immunity across businesses. However, the variation between national practices leads to uncertainty and confusion over what needs to be implemented. A uniform approach to cyber hygiene which allows businesses to establish security trust across national borders would drive improvements across the board.

Full report available online


European Cyber Security Month 2016 – Deployment report

The European Cyber Security Month (ECSM) is a key part of the EU's Cybersecurity Strategy to increase people's awareness of the key role they can play in ensuring the security of networks and information systems. The primary purpose of cyber security awareness campaigns is to influence the adoption of secure behaviour online. Last year’s ECSM took place across 32 countries focusing on security in banking, cyber safety, cyber training and mobile malware.

For more info visit and

"Cyber security is a shared responsibility – Stop. Think. Connect."

 Full report available online


For press enquiries please contact Tel. +302814409576




Stay updated - subscribe to RSS feeds of both ENISA news items & press releases!

News items:


Challenges of security certification in emerging ICT environments

Mon, 02/06/2017 - 15:03

ENISA issues today its report on the Challenges of security certification in emerging ICT environments. The report is targeted at EU Member States (MS), the Commission, certification bodies and the private sector, and provides a thorough description of the cyber security certification status concerning the most critical equipment in various critical business sectors.

The study contains information on the certification of devices in five business sectors namely, electricity, healthcare, information and communication technology, railway and water transport. It describes the situation in the EU, and discusses the advantages and challenges towards a more harmonised certification practice.

The key finding of the report, is that every sector has its own functional and security challenges, which makes the target of a common certification framework a challenge in itself. Based on desk research and expert validation, an analysis is done to study the existing frameworks and standards, and to identify certification drivers, best practices and candidate products for certification of the five selected sectors. Finally an aggregated table is provided, which shortly reflects the certification drivers, the market situation and the recommendation for certification for each identified device.

For the full report

For  interviews and press inquiries please contact , Tel. +30 2814 409576



Stay updated - subscribe to RSS feeds of both ENISA news items & press releases!

News items:


The power of sharing: ENISA report on cyber security information sharing in the energy sector

Fri, 02/03/2017 - 14:22

The report first identifies existing CSIRTs (Computer Security Incident Response Teams), ISACs (Information Sharing and Analysis Centres) and information sharing initiatives in the energy sector, analyses problems and shortcomings, and identifies good practices to facilitate the cyber security information sharing in this sector. Furthermore the report provides recommendations to address identified problems and shortcomings.

Key findings include:

• Trust is a key component of information sharing.

• Participants in information sharing initiatives, are more committed and willing to contribute with information when their organisation backs them. Time, resources and knowledge, are some of the constraints faced by the participants that may hinder information sharing.

• Only few energy sector specialists have in-depth understanding of both the complexities of the energy systems and cyber security.

• Energy security issues are often addressed only at the Member State level, maintaining for example a national focus only, without taking into account the complexity of the interdependence of Member States in multiple aspects of the energy area, including cyber security.

• The legal and policy context is complex and fragmented.

• The quality of the shared information is not always at the required level, due to inconsistent use of the applicable taxonomy for example.

• There is a need to create public-private partnerships when sharing information.  

• Information is shared between heterogeneous players.

• Many companies in the sector give more importance to the safety of their physical infrastructure than to the security of their computer, process systems and data.

• Few good practices have been identified on the subject, and the current information sharing initiatives lack visibility within companies in the energy sector.

The report is primarily addressed at national and governmental CSIRTs and other types of CSIRTs with activities and constituencies in the energy sector. Policy and lawmakers, notably the European Commission at the EU level, public and private organisations with an interest in NIS, and interested parties engaged in information sharing initiatives within the energy sector - including energy operators -  are also intended audiences.

Full report available here

For press enquiries please contact, Tel. +30 2814 409 576


Stay updated - subscribe to RSS feeds of both ENISA news items & press releases!

News items:


ENISA online training material updated and extended

Thu, 02/02/2017 - 12:25

The new training material provides a step-by-step guide on how to address and respond to incidents, as an incident handler and investigator, teaching best practices and covering both sides of the breach. The material is technical and aims to provide a guided training both to incident handlers and investigators, while providing lifelike conditions. The training material mainly uses open source and free tools.

New topics in the training material cover the following aspects of Forensic Analysis:

  • Local Incident Response
  • Network Incident Response
  • Webserver analysis

The material can be found online.

Furthermore, the updated training material provides material necessary to perform table top exercises in the areas of:

  • Incident Handling Management
  • Developing CSIRT Infrastructure
  • Recruitment of CSIRT Staff

More info available online.


For interviews and press enquiries please contact Tel. 2814 409576


Stay updated - subscribe to RSS feeds of both ENISA news items & press releases!

News items: