EUROPEAN NETWORK AND INFORMATION SECURITY AGENCY (ENISA)

The European Union Agency for Network and Information Security, originally European Network and Information Security Agency (ENISA), is an agency of the European Union. ENISA was created in 2004 and has its seat in Heraklion, Crete (Greece).

ENISA was set up to enhance the capability of the European Union, the EU Member States and the business community to prevent, address and respond to network and information security problems. In order to achieve this goal, ENISA is a Centre of Expertise in Network and Information Security and is stimulating the cooperation between the public and private sectors. As such, the Agency is a 'pace-setter'.

Tasks and Activities

The Agency’s regulation based tasks are focused on:

• Advising and assisting the Commission and the Member States on information security and in their dialogue with industry to address security-related problems in hardware and software products.
• Collecting and analysing data on security incidents in Europe and emerging risks.
• Promoting risk assessment and risk management methods to enhance our capability to deal with information security threats.
• Awareness-raising and co-operation between different actors in the information security field, notably by developing public / private partnerships with industry in this field.
• Computer Emergency Response Teams, CIIP & Resilience, Risk Management-Risk Assessment and Identity & Trust.

ENISA as an Advice Broker

ENISA can act as a broker for advice in NIS-matters. When an EU Member State or stakeholder needs a quick overview of e.g. a topic or previous experiences of a particular NIS issue, ENISA may be broker for advice on suitable contacts in the Member States or the EU-institutions. Or, the Agency can guide towards the best practice of a MS suitable for that particular request. Alternatively, ENISA can direct to the responsible institution of each Member States.

ENISA relation with projects funded by the European Commission

Due to its administrative status, ENISA cannot be a partner in a consortium proposing or executing a project funded by the Commission, for instance through the Framework programme.

However, once a consortium has been awarded a contract by the Commission, it may ask ENISA to provide advice and support such as participating in a Strategy or Advisory Committee, giving advice on best practice and standards to use, taking part of a workshop or conference organised by the consortium, co-organise of specific events with the consortium.

Organisation

ENISA is managed by the Executive Director, and supported by a staff composed of experts representing stakeholders such as the information and communication technologies industry, consumer groups and academic experts. The Agency is overseen by the Management Board, which is composed of representatives from the EU Member States, the EU Commission and other stakeholders. The Permanent Stakeholders Group was established by and gives advice to the Executive Director.