Via a call for expression of interest, ENISA is looking for interested stakeholders to participate in this survey (https://www.enisa.europa.eu/topics/standards/enisa-survey-on-the-eu-cybersecurity-market). When registered, ENISA will send to the participants a message with a link to the survey.

ENISA foresees four types of stakeholders, covering the vast majority of actors within the cloud computing ecosystem:

Supply side: cloud service providers

Owners and operators of cloud computing systems, offering public, private, hybrid and community cloud services. They are responsible for end-to-end service provisioning, including maintenance, protection and upgrading their infrastructure. They might include various service providers in their service provisioning supply-chain.

- Supply side: Enablers

Enablers are intermediates between end-users and public service platform providers and/or private cloud computing. They facilitate adoption of cloud services by, for example:

*             packaging services;

*             providing added-value services on top of services offered by service platform providers;

*             operating private cloud for customers;

*             providing multi-cloud solutions, etc.

Enabler examples include cloud brokers, integrators, consultants, developers, outsourcers, application hosting, etc. Their offerings add value to cloud service providers (see above) and/or operators/managers of private cloud platforms.

- Demand side: end-users, consumers:

Both current and prospective subscribers of cloud computing services, at all levels of their business processes (including infrastructure providers integrating cloud services within their infrastructure, e.g. 5G operators, financial institutions, IoT service providers, etc.).

- Entities involved in regulatory work:

National or international entities/public authorities/institutions that - directly or indirectly - exert regulatory influence on cloud services.

-Research & Development:

Public and private organisations performing research on cloud technology, cloud services, cloud operations, cloud functions, usage models, etc.

There will be questionnaires according to the stakeholder type. Hence, registered stakeholders will receive a link to the questionnaire according to their type. In total, 4 different questionnaires will be available: Supply, Demand, Entities involved in regulatory work and Research and Development.

The compilation of the survey is expected to take for the demand-side respondents around one hour, for the supply-side respondents around one and half hours. Responding entities involved in regulatory work and Research and Development, may complete the survey in no more than one hour.

Survey respondents are expected to have a good overview of the cybersecurity policy and be familiar with basic financial figures of their organisation.

All surveys are performed anonymously.