2025 Issy-Les-Moulineaux – Building resilient public administrations: understanding cyber threats and maturity gaps
The digital transformation of public administrations across EU Member States has brought significant efficiency gains—but also increased exposure to cyber threats. ENISA’s 2024 Threat Landscape report highlights public administration as the most targeted sector, accounting for 19% of all recorded cyber incidents between July 2023 and June 2024*. DDoS attacks were especially prevalent, with the sector hit in 33% of such cases. It was also heavily impacted by data-related threats (12%), malware (11%), and social engineering (10%).
Despite its critical role in governance and service delivery, public administration remains one of the least mature sectors under the NIS2 Directive. As a newly regulated sector, it faces challenges such as limited budgets, slow progress, and insufficient cybersecurity capabilities. Strengthening resilience in this sector is vital to ensure secure and reliable digital public services.