Few years after its very first report in 2012, ENISA published its second National Cyber Security Strategy Good Practice Guide (NCSS Good Practice Guide).
The ENISA guide analyses the status of NCSS in the EU and aims to support EU Member States when developing and implementing their national strategies. Since 2012, the NIS Directive has been adopted by the EU and requires EU Member States to adopt a NCSS. These strategies should be forwarded to the European Commission three months after being adopted.
To design the NCSS, ENISA presents a six-step programme, along with fifteen objectives as the protection of critical information infrastructure, the establishment of baseline security measures or the balance between security and privacy.
The guide concludes with a set of recommendations on how to proceed with the development and maintenance of EU Member States’ NCSS.