Stronger Together – How ENISA Enhances Cybersecurity Across the EU

ENISA, formerly known as the European Network and Information Security Agency (ENSISA), commenced full operations on September 1, 2005. Headquartered in Athens, Greece, ENISA also maintains offices in Brussels, Belgium, and Heraklion, Greece.

Established under EU Regulation No. 460/2004, ENISA’s governance and operational scope were further defined by EU Regulation No. 2019/881, passed on April 17, 2019. This regulation repealed EU Regulation No. 526/2013, known as the Cybersecurity Act, and officially established ENISA as the European Union Agency for Cybersecurity.

As an integral EU agency, ENISA is dedicated to elevating cybersecurity standards across Europe. It collaborates closely with EU institutions and member states, supports EU cyber policy initiatives, and assists in preparing Europe for emerging cyber threats. Utilizing cybersecurity certification schemes, ENISA enhances the reliability of ICT products, services, and processes.

Through proactive information exchange, capacity building, and awareness initiatives, ENISA fosters confidence in the interconnected digital economy, strengthens the Union’s infrastructure resilience, and safeguards the digital security of European society and its citizens.

The Power Behind the Agency: Resources and Staffing

In addition to receiving help from a group of professionals who represent a wide variety of stakeholders, the executive director of ENISA is in charge of the organization. These specialists include representatives from the information and communication technology industry, consumer advocacy groups, and academic experts. The Agency is governed by the management board and executive board, which are comprised of individuals representing the European Union Commission, the member states of the EU, and other stakeholders.

The National Liaison Officers network first came into being in 2004 with the purpose of serving as a non-official point of reference among the member nations. Since June 27, 2019, it has developed into a statutory entity that is subordinate to ENISA. Through the National Liaison Officers Network, exchanges of information between ENISA and the countries that are members of the organization are made possible. Additional assistance is provided to the organization by the Advisory Group, which is comprised of 33 persons from all around Europe. These individuals are classified as “nominated members” as well as “ad personam” members. Concerns that are of significance to the various stakeholders are brought to the attention of ENISA by the advisory committee.

For the purpose of achieving its goals in 2019, the organization will function with a budget of around 17 million euros and 109 statutory staff members. In addition, the firm makes use of a significant number of trainees, national experts, and temporary agents who are stationed in different locations. After the implementation of Regulation 2019/881, there are plans to fill the Agency with more professionals who will be joining the organization.

Beyond Borders: ENISA’s Expanding Reach and Partnerships

A proposal was made by European Commissioner Viviane Reding in 2007 to include the European Network and Information Security Agency (ENISA) in a new European Electronic Communications Market Authority (EECMA). According to Commissioner Neelie Kroes, the European Commission had the intention of establishing a more powerful agency by the year 2010. Under the leadership of Dr. Udo Helmbrecht, the mandate of the organization was extended until the year 2012, and it was given an annual budget of eight million euros. On May 21, 2013, Regulation (EC) 460/2004 was abolished by EU Regulation 526/2013, which the European Parliament and the Council passed. This regulation functioned as ENISA’s last mandate extension before it became permanent. On June 27, 2019, ENISA was established, and it will continue to exist for an endless period.

The administration and support functions of ENISA were first based at the organization’s headquarters, which were located in Heraklion, Greece. From the very beginning, there was a great deal of criticism about the selection of a site that was relatively far away, particularly since Greece was hosting the president of the EU Council during the discussions for the Agency’s mandate. To add insult to injury, the group has been operating a liaison office in Athens since October 2009. The year 2013 saw thirty of the company’s sixty workers relocate from Crete to Athens. The proposal made by ENISA to terminate its office in Heraklion in 2016 was granted unanimous approval by the Committee on Budgets. There are two offices that ENISA maintains in Greece as of the year 2019. The primary office is located in Athens, and there is also an office in Heraklion. The European Commission decided that an ENISA office will be established in Brussels in June 2021.

The “EU’s Cybersecurity East Project” was initiated by the organization in 2019 with the intention of strengthening the level of cybersecurity in the member states of the Eastern Partnership of the European Union. The Agency organized a summit on cybersecurity that will take place on October 4, 2022, in Athens, Greece. The gathering will include participation from member nations of the EU Eastern Partnership. During the meeting, officials from Azerbaijan, Georgia, Moldova, Ukraine, Armenia, and Georgia discussed best practices, legal frameworks, and ways to increase EU collaboration.

Since the year 2022, the Agency has been hosting a competition specifically for cybersecurity, which is known as the International Cybersecurity Challenge.

The International Cybersecurity Challenge is a cybersecurity competition that the Agency has been holding since 2022.

Conclusion

Established in 2004 and reinforced by the EU Cybersecurity Act of 2019, ENISA plays a pivotal role in coordinating cybersecurity efforts across EU member states. Through its expertise, collaboration with stakeholders, and strategic initiatives like cybersecurity certification schemes and capacity building, ENISA aims to fortify Europe’s digital infrastructure and safeguard its citizens against evolving cyber threats. As the digital landscape continues to evolve, ENISA remains committed to advancing cybersecurity standards and fostering a secure digital future for Europe.