The main objective of this report is to provide the CSIRT community with relevant good practices on taxonomies for incident detection and prevention. Additionally, based on a qualitative assessment of the current taxonomy landscape, it aims to provide conclusions and recommendations on improvements that can be made to existing taxonomies, such as which fields can be extended or added.
ENISA decided to provide further guidance to SMEs on how to adopt security measures for the protection of personal data, following a risk-based approach. In particular, the objectives of the study were to help SMEs understand the context of the personal data processing operation and subsequently assess the associated security risks.
As announced at the end of 2016, the Czech National Security Authority (NSA) is establishing a new headquarters for its National Cyber-Security Centre (NCSC) to protect the Czech Republic from hackers' attacks and other security incidents.
Europol's European Cybercrime Centre (EC3) Retail Cyber Hack exercise with MasterCard underlines the importance of improving information sharing on cyber crime as key to strengthening cyber security approaches across the European Union.
The U.S. Commerce Department’s National Institute of Standards and Technology (NIST) has released a self-assessment tool to help organisations better understand the effectiveness of their cyber-security risk management efforts.
The document is called Baldrige Cybersecurity Excellence Builder and it is based on two of the main NIST resources, the organisational performance evaluation strategies from the Baldrige Performance Excellence Program and the risk management mechanism from the Cyber Security Framework.
The National Institute of Standards and Technology (NIST) last week released an essential guide to help SMEs protect their data and information.
"Small Business Information Security: The Fundamentals" is written for small-business owners not experienced in cybersecurity and explains basic steps they can take to better protect their information systems.
A new study by the European Union Agency for Network and Information Security (ENISA) investigates threats and vulnerabilities in hospitals using the Internet of Things (IoT). The risk-based approach analyses attack scenarios and maps common good practices.
Smart solutions help hospitals improve patient care, including remote care, but not enough attention is paid to security and safety issues, as cost estimates for data breaches in hospital cyber incidents show.
In a constantly changing cyber threat environment, EU Member States need to have flexible and dynamic cyber security strategies to meet new, global threats.
ENISA recently published its second National Cyber Security Strategy Good Practice Guide, providing an update to the 2012 ENISA guidebook on the design and implementation of a National Cyber Security Strategy.