The European Union Agency for Cybersecurity (ENISA) has been supporting the European Union (EU) Member States in developing, implementing and evaluating their cyber security strategies. Since 2012 and as part of this support, ENISA has been developing tools, studies and guidelines to help EU Member States build on their national cyber security strategies. The latest … Continue Reading
On 7 June 2019, Regulation (EU) 2019/881 on ENISA (the European Union Agency for Network and Information Security) and on information and communications technology cybersecurity certification, also known as the Cybersecurity Act, was given the final go-ahead and published in the Official Journal of the European Union. The Cybersecurity Act will come into force on 27 … Continue Reading
The European Union Agency for Network and Information Security (ENISA) recently published its report on ‘Security and privacy considerations in autonomous agents’. Artificial intelligence (AI) and complex algorithms offer unlimited opportunities for innovation and interaction, but they also bring a number of challenges that should be addressed by future policy frameworks at the EU level – … Continue Reading
On 10 December 2018, the European Parliament, the Council of the European Union, and the European Commission reached agreement on the cybersecurity proposal put forward by the Commission. The aim of the Commission’s proposal is to build strong cybersecurity standards in the EU, allowing the EU to become a global leader in cybersecurity. The proposal … Continue Reading
To enhance cyber resilience, the EU is building a certification framework for information and communication technology (ICT) products, services and processes. On 8 June 2018, the Council agreed a Proposal (known as the Cybersecurity Act) to prepare for negotiations with the European Parliament to finalise the text. One of the effects of the Proposal is … Continue Reading
On 27 November 2017, the European Union Agency for Network and Information Security (“ENISA”) published a report on Recommendations on European Data Protection Certification (“Report”). The aim of the Report is to identify and analyse challenges and opportunities of data protection certification mechanisms, as introduced by the General Data Protection Regulation (“GDPR”). The Report provides … Continue Reading
On 5 July, the European Commission (“EC”) published a communication outlining measures to improve resilience to cyber incidents, improve cooperation and information sharing, and promote innovation and competition in the European cybersecurity industry. The communication highlights the EC’s intention to take cooperation, knowledge, and capacity to the next level, particularly through the imminent introduction … Continue Reading
On July 28, the European Union Agency for Network and Information Security (ENISA) published its Annual Activity Report 2014. The report summarises its operations and programs from the previous year, and highlights the areas in which it feels it has contributed the most to Europe’s data protection and cybersecurity environment. The ENISA prides itself on … Continue Reading
The EU Agency for Network and Information Security (ENISA) announced in a press release that it has produced a report titled ‘Good Practice Guide for Securely Deploying Governmental Clouds’, which analyses the current state of play regarding governmental Cloud deployment in 23 countries across Europe, categorised on a scale of “Early adoptors”, “Well-Informed”, “Innovators” or … Continue Reading
ENISA, the European Union Agency for Network and Information Security, has released a series of reports and guidance tackling the topic of cyber security. ENISA Threat Landscape (ETL) Report 2013 The report reviews more than 250 incidents of cyber attacks that took place in 2013. A table in the report analyses fluctuations in the top … Continue Reading
ENISA, the European Union Agency for Network and Information Security, issued its Annual Incidents Report 2012. The report has been issued under Article 13a of the Common Regulatory Framework Directive (1009/140/EC) for electronic communications networks and services. The report highlights that 18 European Union countries reported 79 significant incidents during 2012. Only 9 countries reported … Continue Reading
The European Network and Information Security Agency (“ENISA”) has published its first independent overview of how the cyberthreat landscape has evolved over the past few years. The report identifies the most common and dangerous cyberthreats, the methods used by malicious users and potential avoidance measures for web users. ENISA’s findings have ramifications from both an … Continue Reading
The “right to be forgotten” as contained in the EU Commission’s Proposed Data Protection Regulation (Proposed Regulation), enhances the existing right to data erasure obligation by including an obligation on data controllers that have personal data public, to inform third parties on the data subject’s request to erase any links to, or copy or replicate … Continue Reading
The European Network and Information Security Agency (ENISA) has published a report on ‘Cyber Incident Reporting in the EU’, and has found that many incidents remain undetected or unreported. As a result, the lack of transparency and information on data security breaches makes it difficult for policy makers to understand the overall impact, and to … Continue Reading