NIS2 in Romania: what Law 155/2025 actually requires of your security programme
A practitioner-grade walk-through of NIS2 as transposed into Romanian law — Article 21, the 24-hour incident reporting clock, and what evidence DNSC will actually look for.
Read the articleDORA implementation field guide: from January 2025 to your first ESMA review
A field guide for ICT and security leaders inside scope of DORA — what changed at January 2025, what TLPT means in practice, and how to align your programme with Articles 9, 13 and 17.
Read the articleEU Cyber Resilience Act conformity assessment — what to do before 2027
The CRA applies fully in 2027 to anyone placing a product with digital elements on the EU market. A practitioner walkthrough of Annex I, Annex II vulnerability handling, and the conformity assessment routes.
Read the articleThe EU AI Act, meet your cybersecurity programme
High-risk AI systems must satisfy cybersecurity essential requirements under Article 15 of the AI Act. A pragmatic walkthrough for security leaders whose product or operation includes AI components.
Read the article