ENISA - European Union Agency for Cybersecurity

The European Union Agency for Cybersecurity (ENISA) https://www.enisa.europa.eu/ was established in 2004 (under the name European Network and Information Security Agency) and was strengthened in 2019 with the publication of Regulation (EU) 2019/881 of the European Parliament and of the Council, of 17 April 2019, and the certification of information and communication technology (ICT) cybersecurity.

ENISA contributes to the European Union (EU) cyber policy, enhances the trustworthiness of ICT products, services and processes with cybersecurity certification schemes, cooperates with Member States and EU bodies, and helps Europe prepare for the cyber challenges of tomorrow. Through knowledge sharing, capacity building and awareness raising, the Agency works together with its key stakeholders to strengthen trust in the connected economy, to boost resilience of the Union’s infrastructure, and to keep Europe’s society and citizens digitally secure.

ENISA’s main areas of activity consist of:

  • Cloud and Big Data.
  • Critical infrastructures and services.
  • CSIRT services.
  • Cyber crisis management.
  • Cybersecurity exercises.
  • Cybersecurity training and awareness campaigns.
  • Data protection.
  • Incident reporting.
  • Internet of things and smart infrastructures.
  • National cybersecurity strategies.
  • NIS (network and information security) Directive.
  • Standardisation and certification.
  • Risk and threat management.
  • Training for Cybersecurity Specialists.
  • Trust services.

ANACOM has been involved in ENISA’s activities from the outset, having taken an active part in several working groups, as well as in the Cyber Europe exercise series, which pioneered the participation of several EU countries.

ANACOM is currently a member of the ECASEC group https://resilience.enisa.europa.eu/article-13, which is composed of EU national regulators to support the implementation of obligations of the European Electronic Communications Code in matters of security and integrity of electronic communications networks and services.