Field notes from the SOC and the audit room.
Two new posts a month. Written by the people who run the platform.
The All-Hazards Approach: Why NIS2 Goes Beyond Digital Threats
NIS2 Article 21 mandates all-hazards approach: cyber, physical (fire, theft, flooding) and environmental security. Learn what this means in practice.
NIS2 for Digital Infrastructure: Cloud, Data Centres, DNS, and CDNs
NIS2 digital infrastructure sector (cloud, data centres, DNS, CDNs) most harmonised. Implementing acts, ENISA registry, and compliance guidance explained.
Essential vs. Important Entities: Classification, Obligations, and Supervision
Understand NIS2 essential and important entity classification. Differences in obligations, supervision, and enforcement implications explained clearly.
NIS2 Enforcement Powers: What Regulators Can Do and How to Prepare
Understand NIS2 enforcement powers (Articles 32-34). What regulators can do, penalty tiers, serious infringements, and how to minimize enforcement risk.
NIS2 for the Energy Sector: Compliance Across Electricity, Oil, Gas, and Hydrogen
Energy sector NIS2 guide covering electricity, oil, gas, hydrogen, nuclear considerations, supply chain vulnerabilities, and implementation roadmap.
Supply Chain Security Under NIS2: Managing Third-Party Risk
Master NIS2 supply chain security (Article 21(2)(d)). Vendor assessment, contractual controls, monitoring, and coordinated risk assessments explained.
The NIS2 Incident Reporting Framework: Step-by-Step Guide
Master NIS2 incident reporting: 24-hour and 72-hour timelines, notification process, what to report, and how to comply with Article 23.
Board-Level Cybersecurity Accountability Under NIS2
NIS2 Article 20 makes boards liable for cybersecurity. Understand governance requirements, approval duties, oversight, training, and personal liability.
Article 21 Decoded: The 10 Cybersecurity Risk-Management Measures
Master NIS2 Article 21's 10 mandatory cybersecurity risk-management measures. Detailed breakdown with implementation guidance for each measure.