ENISA News

ENISA Seeks Feedback on Software Supply Chain Security Guidance

ENISA has launched public consultations on draft guidance for software supply chain security. Feedback is sought on an SBOM Landscape Analysis and a Technical Advisory for Secure Use of Package Managers, with a deadline of January 23, 2026.

ENISA Cybersecurity Exercise Methodology Guidance

ENISA has released a new cybersecurity exercise methodology to guide organizations in planning and executing effective cybersecurity exercises. The methodology provides a framework for simulating cyber crises, training response capabilities, and building resilience against cyber threats.

ENISA Report: EU Public Administrations Targeted by DDoS Attacks

ENISA has released a report detailing that EU public administrations are increasingly targeted by cyberattacks, primarily DDoS attacks, with central governments being the most affected. The report analyzes 586 incidents from 2024 and highlights the sector's developing cybersecurity resilience under the NIS2 Directive.

ENISA Report: Cybersecurity Investments and NIS2 Challenges

ENISA's 6th NIS Investments report reveals a shift in cybersecurity spending from personnel to technology and services across 1080 EU organizations. The report highlights persistent talent shortages and challenges in implementing the NIS2 Directive, despite compliance being a key investment driver.

ENISA Updates International Cybersecurity Strategy

ENISA has updated its International Strategy to enhance engagement with international partners and align with the EU's cybersecurity policies. The revised strategy focuses on cooperation with countries sharing EU values and includes specific working arrangements with Ukraine and the US, support for EU candidate countries, and operationalizing the EU Cybersecurity Reserve for third countries.