An anniversary celebration was held at ENISA headquarters in Athens with the Hellenic Authorities, ENISA Advisory Group, ENISA Management Board, staff members, along with distinguished guests to mark this significant moment in the Agency’s course of existence.

Following the celebration, the ENISA Management Board met for a strategy meeting and held an extraordinary session, where members voted in favour of extending the term of office of the Executive Director by a further five-year period, in accordance with Article 36 of the Cybersecurity Act. The new term will commence from October 2024 beginning a new chapter for the Agency.

Since 2004, ENISA's mission is to achieve a high common level on cybersecurity across the Union and this year, we are celebrating our achievements.

The following timeline highlights key milestones of the past years, showcasing ENISA’s journey and progress:

• 2005: ENISA organised the first CERTs workshop in Europe, the precursor the CSIRTs Network meetings. The first CERT map in Europe and inventory of 104 European CERTs was developed.
• 2006: ENISA's work developed on assessing cyber risk with a first Working Group on Risk Management and Assessment.
• 2009: A cloud computing risk assessment was published
• 2010: Cyber Europe took place, ENISA's first pan-European exercise on Critical Information Infrastructure Protection (CIIP).
• 2011: The first year for which incidents were reported to ENISA and ENISA publishes technical guidelines on incident reporting.
• 2012: The Agency launches the 1st European Cybersecurity Month
• 2013: ENISA opens Athens office and the first ENISA threat landscape is published.
• 2016: The first EU-wide cybersecurity legislation, the EU's Network and Information Systems (NIS) Directive is adopted.
• 2017: the first European Cybersecurity Challenge brings together young talent from across Europe to have fun and compete in cybersecurity.
• 2018: A Memorandum of Understanding for a cooperation framework between ENISA, the European Defence Agency, Europol’s EC3 and CERT-EU is signed.
• 2019: 15 years since its establishment, ENISA becomes a permanent agency with an enhanced mandate through the EU Cybersecurity Act. The first BlueOLex exercise is organised.
• 2020: ENISA published the first NIS Investments report as the NIS directive update and the new Cybersecurity Strategy for the Digital Decade are proposed.
• 2021: The first cyber exercise to test the procedures for prompt and effective cyber crisis management in the EU to face large-scale, cross border cyber-attacks was organised by ENISA. The structured cooperation with CERT-EU was kicked off.
• 2022: The European Cybersecurity Skills Framework is created and ENISA hosted the first International Cybersecurity Challenge. The creation of the ENISA Cybersecurity Support Action, a cybersecurity emergency response fund provided ex-post and ex-ante services and assistance to Member States. The Agency also launched the Joint Cyber Assessment Report (JCAR).
• 2023: ENISA enhanced international cooperation through working arrangements with Ukraine and US counterpart, CISA.
• 2024: The EUCC - the first cybersecurity certification scheme on common criteria was adopted.

Read the full article