The latest insights on NIS2 compliance and cybersecurity.
Italy's NIS2 authority ACN has opened the categorization portal. Every registered NIS entity must submit by June 30, 2026 — and what they file now determines their security obligations come October.
Belgium became the first EU member state to enforce a hard NIS2 conformity assessment deadline. Here is what the CyFun framework means for MSPs and IT consultants serving Belgian clients.
The Dutch parliament approved the Cyberbeveiligingswet (Cbw) on 15 April 2026. Enforcement follows within weeks of entry into force. Here's what organisations in the Netherlands need to do now.
These 10 questions from our NIS2 compliance assessment reveal the gaps that catch even well-prepared organisations off guard. Test yourself — if you hesitate on more than three, you have work to do.
Poland enacted its NIS2 law in March 2026. Registration deadline: 3 October 2026. Here's what it means for EU suppliers and supply chains.
NIS2 Article 21(2)(d) requires cybersecurity clauses in supplier contracts. Learn what must be included and how it affects SMEs in the supply chain.
Portugal's NIS2 law took effect on 3 April 2026. Decreto-Lei 125/2025 is live. Here's what EU suppliers to Portuguese entities need to know now.
Germany's BSI registration deadline passed on 6 March 2026. Around 18,000 companies failed to register. Here's what happened and what it means for your business.
Learn how to run a NIS2 gap analysis against Article 21. Identify compliance gaps, prioritise actions, and prepare before enforcement begins.
NIS2 fines reach €10M or 2% of global turnover. Learn what board members risk, which measures are mandatory, and how to prepare before enforcement starts.
NIS2 fines get the headlines. But management bans, public naming, and suspended operations can hurt your business far more. Here are the 7 penalties you need to know.
If your organisation operates in the financial sector, you may face two overlapping EU regulations: NIS2 and DORA. They share common ground but serve different purposes. Here is how they compare — and what you need to do.
Managed service providers fall under NIS2 directly — AND face new requirements from their customers. This creates a unique challenge, but also a massive business opportunity. Here is how to turn NIS2 from a compliance burden into a revenue stream.
When a significant cybersecurity incident hits, NIS2 gives you just 24 hours to file your first report. Miss the deadline and you face additional penalties. Here is exactly what you need to report, when, and to whom.
NIS2 doesn't just regulate the organisations in scope — it reshapes the entire supply chain. If you're a supplier, MSP, or software vendor to a NIS2 entity, expect new cybersecurity requirements. Here is what you need to know.
Article 21 of the NIS2 Directive lists ten cybersecurity measures every covered organisation must implement. This guide explains each one in plain language — with practical examples of what "good" looks like.
The NIS2 transposition deadline was October 2024, but implementation varies wildly across the EU. Some countries are fully enforcing the law. Others haven't even finished drafting it. Here is the current status per country.
If your organisation already has ISO 27001 certification, you have a solid foundation for NIS2 compliance. But ISO 27001 alone is not enough. Here is exactly where the gaps are — and how to close them.
Under NIS2, board members are personally liable for cybersecurity failures. This is not a theoretical risk — it is written into EU law. Here is what that means for you as a director.
One of the most common questions about NIS2 is: does it actually apply to me? The answer depends on two factors — your organisation's size and the sector you operate in. Here is how to find out.
The NIS2 Directive is the EU's most ambitious cybersecurity law to date. It applies to thousands of organisations across 18 sectors. Here is what it means for your business — and what you need to do.
