The European Union Agency for Cybersecurity (ENISA) plays an important role in the European cybersecurity ecosystem. The Agency works with organisations and businesses to strengthen trust in the digital economy, boost the resilience of the EU’s infrastructure, and keep EU citizens digitally safe. Under the NIS Directive, ENISA is tasked with assisting the Member States and the Commission by providing expertise and advice. For instance, Member States may request the assistance of ENISA in developing national strategies on the security of network and information systems. ENISA further assists the NIS Cooperation Group in the execution of its tasks and priveds the secretariat to the CSIRTs network. Art. 19 NIS Directive mandates ENISA to draw up advice and guidelines regarding the technical areas to be considered in relation to standards and specifications relevant to the security of network and information systems.
ENISA was founded by the Regulation (EC) No 460/2004 of the European Parliament and of the Council of 10 March 2004 establishing the European Network and Information Security Agency. The duration of its mandate was extended by the Regulation (EC) No 1007/2008 of the European Parliament and of the Council of 24 September 2008 amending regulation (EC) No 460/2004, Regulation 580/2011 of the European Parliament and of the Council of 8th June 2011 amending regulation (EC) No 460/2004 and Regulation (EU) No 526/2013 of the European Parliament and of the Council of 21 May 2013 repealing Regulation (EC) No 460/2004. The Agency was only recently given a permanent mandate by the Regulation (EU) 2019/881 of the European Parliament and of the EU Council of 17 April 2019 (Cybersecurity Act) on ENISA and on information and communications technology cybersecurity certification and repealing Regulation (EU) No 526/2013.
The poster on ENISA has been created by Kalliopi Terzidou as part of the course “Transnational Regulation of the Internet” (Doctoral School of Law, University of Luxembourg).