“The Day Before the Breach” – A Cyber-Stress Test Awakening at MedData Grid Karin had a habit of asking dangerous questions. It was a rainy Monday in Brussels when she looked across the conference room table and dropped one: “We’ve got policies, procedures, and risk registers… but what happens when the lights actually flicker?” As

EU Vulnerability Database (EUVD) Enters Beta: What ISO 27001-certified firms and NIS2 “essential” & “important” entities should do now The European Union Agency for Cybersecurity (ENISA) has quietly opened public access to its European Vulnerability Database (EUVD), a consolidated platform that fuses data from CVE, CISA’s Known-Exploited-Vulnerability (KEV) catalogue, national CSIRT advisories, vendor patches and

This is a warning! In recent years, climate change has shifted from a distant environmental issue to a direct operational threat for businesses across Europe. Extreme weather events are no longer isolated anomalies; they are becoming a predictable risk factor — with immediate consequences for supply chains, critical infrastructure, and corporate resilience. This week’s electricity

“Pass this course or pay for it later.The Internal Auditor CyFun Essentials training turns NIS 2 theory into the three artefacts every regulator will demand on day one: a live risk register, a board-approved treatment plan and documented residual-risk sign-off. In two days you leave audit-ready—skipping months of trial-and-error and avoiding five-figure fines. For essential

Brussels – April 2025 – With the European Supervisory Authorities (ESAs) publishing the final Regulatory Technical Standards (RTS) under DORA, the spotlight now turns to essential Managed Service Providers (MSPs) serving financial entities. As these MSPs also fall under the NIS2 Directive, they face a dual regulatory obligation — and the bar for compliance has

April 2025 – By NIS2.news Editorial Team – Danny Zeegers For managed service providers (MSPs) falling under the scope of the NIS2 Directive, compliance is no longer just about ticking ISO 27001 boxes. With the Digital Operational Resilience Act (DORA) looming for financial-related entities, a practical convergence of frameworks is not only smart—it’s essential. The