European Union Agency for Cybersecurity

The European Union Agency for Cybersecurity (ENISA) – previously known as European Union Agency for Network and Information Security – is an EU agency established with the aim to enhance the capability of the EU, its member states, and the business community to prevent, address and respond to network and information security problems.

ENISA’s tasks include: advising and assisting the Commission and the member states on information security and in their dialogue with industry to address security-related problems in hardware and software products; collecting and analysing data on security incidents in Europe and emerging risks; promoting risk assessment and risk management methods to enhance our capability to deal with information security threats; awareness-raising and cooperation between different actors in the information security field, notably by developing public / private partnerships with industry in this field.

The activities of the agency are clustered around four main topics: computer emergency response teams, critical information infrastructure protection and resilience, identity and trust, and risk management. ENISA is supporting member states and other stakeholders in setting up and running CERTs, and it issues recommendations and developing best practices for EU agencies, the European commission, national regulatory authorities, and the private sector in areas such as national contingency plans, cybersecurity strategies, minimum security measures for ISPs,  national cyber exercises, interconnected networks, cloud computing, etc. It also works on increasing users’ trust in online services, as well as on supporting mutual recognition of electronic identification mechanisms and authentication on electronic signatures among EU member states.