ENISA provides practical advice and solutions for the public and private sector in EU countries and for the EU institutions. This includes:

ENISA also publishes reports and studies on cyber security issues. It also helps to draft EU policy and law on network and information security. This also contributes to economic growth in Europe’s internal market.

ENISA also supports the development and implementation of the European Union’s policy and law on matters relating to network and information security (NIS) and assists Member States and European Union institutions, bodies and agencies in establishing and implementing vulnerability disclosure policies on a voluntary basis.

Since 2019, following the bringing into force of the Cybersecurity Act (Regulation 2019/881), ENISA has been tasked to prepare the ‘European cybersecurity certification schemes’ that serve as the basis for certification of products, processes and services that support the delivery of the Digital Single Market.

The European Cybersecurity Act introduces processes that support the cybersecurity certification of ICT products, processes and services. In particular, it establishes EU wide rules and European schemes for cybersecurity certification of such ICT products, processes and services.

ENISA’s activities
ENISA’s approach is further illustrated below by presenting its activities in different areas:

• Recommendations on cybersecurity and independent advice
• Activities that support policy making and implementation
• ‘Hands On’ work, where ENISA collaborates directly with operational teams throughout the EU
• Bringing together EU Communities and coordinating the response to large scale cross-border cybersecurity incidents
• Drawing up cybersecurity certification schemes.