Field notes from the SOC and the audit room.
Two new posts a month. Written by the people who run the platform.
The DNS Under NIS2: Why Domain Name System Security Is Foundational
NIS2 treats DNS as critical infrastructure. Understand why domain name system security matters and what NIS2 requires of DNS providers.
SMEs and NIS2: Preparing Even If Not Directly In Scope
SMEs not directly in NIS2 scope should prepare now. Learn how supply chain, partner networks and indirect obligations affect your business.
Encryption Under NIS2: Mandatory for Some, Encouraged for All
NIS2 encryption guidance for telecom providers. Understand when end-to-end encryption is mandatory and why it matters for communications security.
NIS2 for the Food Sector: Wholesale and Industrial Processing
Understand NIS2 requirements for food businesses. Learn how wholesale and industrial processing entities must implement cybersecurity under Annex II Sector 4.
Peer Reviews Under NIS2: How Member States Will Be Assessed
Understand NIS2 Article 19 peer review process. Learn how Member States evaluate each other's cybersecurity capabilities and NIS2 implementation.
WHOIS Data Under NIS2: Obligations for Registries and Registrars
Understand NIS2 Article 28 WHOIS data obligations. Learn what domain registries and registrars must implement to maintain DNS security.
Large-Scale Incident and Crisis Management Under NIS2
Understand NIS2 Articles 9 and 16 requirements for large-scale cybersecurity incidents. Learn about national crisis frameworks and EU-CyCLONe coordination.
NIS2 in Germany: How the New BSI-Gesetz Transposes the EU Directive
Germany transposed NIS2 through the NIS2UmsuCG of 5 December 2025, replacing the BSI-Gesetz in full. Scope, BSI authority, KRITIS rules, incident reporting, fines and what to do this quarter.
Cybersecurity Training Requirements: What Management and Staff Need to Know
Understand NIS2 Article 20 training mandates. Learn what cybersecurity knowledge management and staff must develop to comply with NIS2.