Study on the Evaluation of the European Union Agency for Network and Information Security

Karin Attström, Vanessa Ludden, Franziska Lessmann, Pär Weström, Johannes Conrads, Helena Farrand Carrapico, Andrej Savin, Cristina de la Maza

Research output: Book/ReportReportCommissionedpeer-review

316 Downloads (Pure)

Abstract

The European Union Agency for Network and Information Security (ENISA) was established in 2004. The Agency provides advice and recommendations, data analysis, and supports awareness raising and cooperation by the EU bodies and Member States in the field of cybersecurity. ENISA uses its expertise to improve cooperation between Member States, and between actors from the public and private sectors, as well as to support capacity building. The present study involves the evaluation of ENISA over the 2013-2016 period, assessing the Agency’s performance, governance and organisational structure, and positioning with respect to other EU and national bodies. It assesses ENISA’s strengths, weaknesses, opportunities and threats (SWOTs) with regard to the new cybersecurity and digital privacy landscape. It also provides options to modify the mandate of the Agency to better respond to new, emerging needs and assesses their financial implications. The findings of the evaluation study show that ENISA has made some important achievements towards increasing NIS in the EU. However, a fragmented approach to cybersecurity across the EU and issues internal to the Agency, including limited financial resources, hinder ENISA’s ability to respond to the ever growing needs of stakeholders in a context of technological developments and evolving cybersecurity threats.
Original languageEnglish
Place of PublicationLuxemborg
PublisherPublications Office of the European Union
Number of pages202
ISBN (Print)9789279721106
Commissioning bodyEuropean Commission
Publication statusPublished - 2017

Cite this