ENISA, the European Union Agency for Cybersecurity, directly contributes to EU cybersecurity policy by working to enhance the trustworthiness of information and communication technology (ICT) products, services and processes through its cybersecurity certification schemes, and supporting cooperation with Member States and EU bodies.
ENISA coordinates the overall European cybersecurity approach and works with a wide range of international partners to develop this area further and prepare better for the cybersecurity challenges of the future. The mission of ENISA is to achieve a high common level of cybersecurity throughout the European Union through consistent and continuous collaboration with the wider community.
ENISA deals with a wide range of technological topics related to cybersecurity, such as cloud computing, Internet of Things (IoT), technological and network infrastructure availability, Big Data and security of databases, and CSIRT Services (alerts and warnings, incident and vulnerability handling, tools development, knowledge-sharing, and community-driven projects). It is responsible for the development of a European cybersecurity certification programme and is behind key policy documents like the EU Cybersecurity Act and the NIS (Network and Information Security) Network.
In addition, ENISA undertakes a wide range of short and long term actions:
- enhancing and strengthening cybersecurity skills across all levels, from people with little technological background to digital professionals and experts in various fields;
- providing quality cybersecurity education, targeting ICT professionals, companies and SMEs. ENISA also supports and works together with businesses to develop trainings tailored to operational and organisational needs.
- ensuring the safe and secure development of IoT and Smart Infrastructures, with their increased connectivity and dependence on safe and secure cyber networks.
- provision of threat landscape analysis and risk management and foresight of potential cyber threats.
In particular, ENISA continues to raise citizens’ awareness of cybersecurity and potential cyber threats (phishing attacks, botnets, financial and banking frauds, data fraud) by providing guidance on good practices to promote safer online behaviour (such as cyber-hygiene and cyber-literacy). Furthermore, aligning its actions with the European Digital Education Action Plan, ENISA is promoting and analysing cybersecurity education, in order to tackle the cybersecurity professional shortfall.