On June 26, 2025, the European Union Agency for Cybersecurity (ENISA) published two sets of guidelines to help businesses ensure their organizational compliance with the NIS2 Directive.
The aim of the guidelines is to support companies in understanding how legal requirements translate into operational activities, particularly regarding (i) roles and skills for professionals within essential
Continue Reading EU: ENISA Guidelines on Compliance with NIS 2 Directive Published
The NIS2 Directive has significantly reshaped the cybersecurity landscape across the EU. Since the implementation deadline in October 2024, EU Member States have been working to incorporate new standards into their national laws, fostering a dynamic and rapidly evolving regulatory environment. Recently, Ireland’s National Cyber Security Centre (NCSC) published the draft NIS2 Risk Management Measures
Continue Reading Ireland: NIS2 revamps Ireland’s cybersecurity landscape: Old regulators, new powers
The Spanish Data Protection Authority (“AEPD“) has published its 2024 annual report, which includes the AEPD’s awareness-raising activities; the collaboration and inspection activities of the Spanish authorities; relevant reports and procedures published during 2024; and an analysis of regulatory trends and key privacy challenges for the coming months. The annual report’s key elements
Continue Reading Spain: Spanish Data Protection Authority Publishes Annual Report
