Field notes from the SOC and the audit room.
Two new posts a month. Written by the people who run the platform.
The NIS2 Incident Reporting Framework: Step-by-Step Guide
Master NIS2 incident reporting: 24-hour and 72-hour timelines, notification process, what to report, and how to comply with Article 23.
Board-Level Cybersecurity Accountability Under NIS2
NIS2 Article 20 makes boards liable for cybersecurity. Understand governance requirements, approval duties, oversight, training, and personal liability.
Article 21 Decoded: The 10 Cybersecurity Risk-Management Measures
Master NIS2 Article 21's 10 mandatory cybersecurity risk-management measures. Detailed breakdown with implementation guidance for each measure.
From NIS1 to NIS2: What Changed and Why It Matters
Understand the evolution from NIS1 to NIS2. Learn scope expansion, fragmentation fixes, enforcement changes, and what matters for your compliance.
NIS2 Scope Demystified: How to Determine If Your Organisation Is In Scope
Decode NIS2 scope in 6 minutes. Check if you're in scope: Annex I/II sectors, size rules, exceptions, and Member State discretion explained clearly.
The Ultimate Guide to NIS2 Compliance: Everything You Need to Know
Complete NIS2 compliance guide covering scope, obligations, reporting, enforcement, and sectors. Essential reading for CISOs and compliance teams.
Is €50K for ISO27001 Worth It? Probably Not the Way You're Spending It.
SMEs spend €50-80K on ISO 27001 certification without fixing real security gaps. Learn when the investment makes sense and what to do instead.