National Cyber Security Strategies

In a constantly changing cyber threats environment, EU Member States need to have flexible and dynamic cyber security strategies to meet new, global threats. A national cyber security strategy (NCSS) is a plan of actions designed to improve the security and resilience of national infrastructures and services. It is a high-level top-down approach to cyber security that establishes a range of national objectives and priorities that should be achieved in a specific timeframe.


The cross-border nature of threats makes it essential to focus on strong international cooperation. Cooperation at pan European Roadmaplevel is necessary to effectively prepare, but also respond to cyber-attacks. Comprehensive national cyber security strategies are the first step in this direction.

The EU Internal Security Strategy in Action: Five steps towards a more secure Europe sets among its objectives to raise the levels of security for citizens and businesses in cyberspace also by providing guidance for citizens on cyber security. The European Commission recently announced a European Internet Security Strategy aiming to describe the major issues at stake and to assess the on-going or planned actions where and when they exist, but also highlight the areas where more EU action.

The ENISA Study on National Cyber Security Strategies aims to produce a Good Practice Guide highlighting good practices and recommendations on how to develop, implement and maintain a Cyber Security Strategy. The Good Practice Guide is intended to be a useful tool and practical advice for those, such as regulators and policy makers, responsible and involved in cyber security strategies.

ENISA also created an interactive informative map to present the situation of the cyber-security strategies adoption across EU. Please visit the map in our enisa website.


Experts group

In 2014 ENISA created an working group with experts from the member states and EFTA countries to support the activities on this topic and to support the member states in implementing their strategy. More details on the working group can be found here.

Short paper on CIIP approaches in MS


Please read the Terms of Reference for this Experts Group
And the Privacy Statement