Compliance
NIS 2 · · 13 min read
NIS2 Bulgaria Compliance Guide: Cybersecurity Act Amendments and DAEU Requirements for 2026
Complete guide to NIS2 compliance in Bulgaria — covering the amended Cybersecurity Act (Закон за киберсигурността), DAEU enforcement, National CSIRT bg incident reporting, entity classification, sector requirements, penalties, implementation timeline, and cyber insurance implications for Bulgarian entities.
NIS 2 · · 13 min read
NIS2 Estonia Compliance Guide: Cybersecurity Act Amendments and RIA Requirements for 2026
Complete guide to NIS2 compliance in Estonia — covering the amended Cybersecurity Act (Küberturvalisuse seadus), RIA enforcement, CERT-EE incident reporting, entity classification, sector requirements, penalties, phased implementation timeline, and cyber insurance implications for Estonian entities.
Ransomware · · 7 min read
NIS2 Ransomware Reporting Requirements: What Incident Response Teams Must Know
Under NIS2, ransomware incidents trigger mandatory reporting obligations with tight deadlines and personal liability for management. Here is the compliance playbook incident response teams need.
NIS 2 · · 11 min read
NIS2 Romania Compliance Guide: Romanian Cybersecurity Law and ANSI Requirements for 2026
Complete guide to NIS2 compliance in Romania — covering the amended Cybersecurity Law (Legea 361/2018), ANSI enforcement, STS coordination, entity classification, sector requirements, penalties, and implementation timeline for Romanian entities.
NIS 2 · · 12 min read
How to Prepare for a NIS2 Audit: Documentation, Evidence, and Compliance Verification Guide (2026)
Complete guide to NIS2 audit preparation. Covers documentation requirements by Article, evidence collection, common failures, management liability, and a 30-day pre-audit checklist for in-scope EU entities.
NIS 2 · · 11 min read
NIS2 Austria Compliance Guide: NISG 2026 Requirements, BMI Authority and DACH Region Framework for 2026
Complete guide to NIS2 compliance in Austria. Covers the NISG 2026 (Network and Information Systems Security Act), BMI/Bundesamt für Cybersicherheit authority, entity classification, sector requirements, CERT.at incident reporting, penalties up to €10M, and the 1 October 2026 entry into force deadline.
NIS 2 · · 12 min read
NIS2 Belgium Compliance Guide: CCB Requirements and CyberFundamentals Framework for 2026
Complete guide to NIS2 compliance in Belgium. Covers the CCB enforcement framework, Law of 26 April 2024, CyberFundamentals (CyFun) compliance tracks, entity classification, sector requirements, penalties, and the 18 April 2026 deadline for essential entities.
NIS 2 · · 8 min read
NIS2 Czech Republic Compliance Guide: Act No. 264/2025, NÚKIB Authority and Strategically Important Services for 2026
Complete guide to NIS2 compliance in the Czech Republic. Covers Act No. 264/2025 Coll., NÚKIB authority, uniquely expanded scope with "strategically important services," entity classification, higher vs. lower obligations regimes, penalties up to CZK 250M (~€10M), and registration deadlines.
NIS 2 · · 8 min read
NIS2 Denmark Compliance Guide: NIS-2-loven, CFCS Authority and Danish Cybersecurity Framework for 2026
Complete guide to NIS2 compliance in Denmark. Covers the NIS-2-loven (Bill L 141), CFCS authority under Defence Intelligence, SAMSIK registration, entity classification, sector-specific obligations, criminal enforcement model, penalties up to DKK 75M (~€10M), and key registration deadlines.
NIS 2 · · 9 min read
NIS2 Finland Compliance Guide: Kyberturvallisuuslaki (Act 124/2025), Traficom Authority and Kybermittari Framework for 2026
Complete guide to NIS2 compliance in Finland. Covers the Kyberturvallisuuslaki (Cybersecurity Act 124/2025), Traficom/NCSC-FI authority, free Kybermittari self-assessment tool, entity classification with 50,000-resident municipal threshold, guidance-first enforcement, penalties up to €10M, and key registration deadlines.
NIS 2 · · 12 min read
How to Conduct a NIS2 Gap Analysis: Step-by-Step Readiness Assessment for 2026
Complete NIS2 gap analysis methodology with step-by-step instructions, free checklist template, and readiness scoring framework. Identify compliance gaps across all 10 Article 21 measures, incident reporting, governance, and supply chain security before your national authority does.
NIS 2 · · 13 min read
NIS2 Greece Compliance Guide: ENSI Authority, Maritime & Energy Sector Requirements, and What Greek Entities Must Do in 2026
Complete guide to NIS2 compliance in Greece. Covers the ENSI (Εθνική Αρχή Κυβερνοασφάλειας) authority, entity classification, maritime fleet obligations, island energy infrastructure, GR-CSIRT incident reporting, penalties up to €10M, and the compliance roadmap for Greek entities.
NIS 2 · · 8 min read
NIS2 Ireland Preparation Guide: National Cyber Security Bill, NCSC Ireland and CyFun Framework for 2026
Complete guide to NIS2 preparation in Ireland. Covers the pending National Cyber Security Bill, NCSC Ireland authority, CyFun compliance framework adopted from Belgium, 15 Risk Management Measures, entity classification expectations, and what organizations should do now despite legislation not yet enacted.
NIS 2 · · 12 min read
NIS2 Italy: ACN Compliance Requirements, Enforcement Timeline, and What Italian Entities Must Do in 2026
Italy's Agenzia per la Cybersicurezza Nazionale (ACN) is enforcing NIS2 with surprise audits, dual-authority supervision, and personal liability for management. Essential entities face €10M fines. Complete guide to Italian NIS2 transposition, ACN registration, and compliance steps for Decree 138/2024.
NIS 2 · · 11 min read
NIS2 Netherlands Compliance Guide: NCSC-NL Requirements for Dutch Entities
Complete guide to NIS2 compliance in the Netherlands. Covers NCSC-NL enforcement, Uitvoeringswet cybersecurityrichtlijn implementation, sector-specific requirements, deadlines, penalties, and what Dutch entities must do now.
NIS 2 · · 13 min read
NIS2 Poland Compliance Guide: Ustawa o Cyberbezpieczeństwie and NCSA Requirements for 2026
Complete guide to NIS2 compliance in Poland — covering the amended Cybersecurity Act (Ustawa o cyberbezpieczeństwie), NCSA enforcement, entity classification under Polish law, sector requirements, penalties, and implementation timeline for Polish entities.
NIS 2 · · 8 min read
NIS2 Portugal Compliance Guide: Decree-Law 125/2025, CNCS Authority and Four-Tier Entity Framework for 2026
Complete guide to NIS2 compliance in Portugal. Covers Decree-Law 125/2025 (Regime Jurídico da Cibersegurança), CNCS authority, unique four-tier entity classification, mandatory cybersecurity officer appointment, 24-month delayed enforcement, penalties up to €10M, and key registration deadlines.
NIS 2 · · 10 min read
NIS2 Supply Chain Security Requirements: Third-Party Risk Management Guide for 2026
NIS2 Article 21 mandates supply chain security for all essential and important entities. Complete guide to third-party risk assessments, vendor security clauses, supply chain vulnerability monitoring, and compliance evidence — with free checklist and implementation templates.
NIS 2 · · 11 min read
NIS2 Sweden Compliance Guide: Cybersäkerhetslagen SFS 2025:1506, MCF Authority and Nordic Framework for 2026
Complete guide to NIS2 compliance in Sweden. Covers the Cybersäkerhetslagen (Cybersecurity Act SFS 2025:1506), MCF (formerly MSB) authority, CERT-SE incident reporting, entity classification, sector requirements, decentralized supervision model, penalties up to €10M, and the January 2026 entry into force.
Cyber Resilience Act · · 12 min read
Cyber Resilience Act vs NIS2 vs DORA: Which Regulation Applies to My Insured?
A practical comparison of the three major EU cybersecurity regulations — CRA, NIS2, and DORA — explaining scope, timelines, requirements, and what cyber insurance underwriters need to ask clients in 2026.
NIS 2 · · 11 min read
NIS2 Article 21 Technical Measures: The Complete Security Requirements Breakdown for 2026
NIS2 Article 21 defines 10 mandatory security measures every essential and important entity must implement. Complete breakdown of each requirement with implementation guidance, audit evidence expectations, and compliance timeline.
NIS 2 · · 11 min read
NIS2 France: ANSSI Compliance Requirements, Enforcement Timeline, and What French Entities Must Do in 2026
ANSSI is enforcing NIS2 across France with formal notice procedures and audits. Essential entities face €10M fines. Complete guide to French NIS2 transposition, ANSSI audit expectations, and compliance steps for OSE and OSI entities.
NIS 2 · · 13 min read
NIS2 Spain: INCIBE Compliance Requirements, Enforcement Timeline, and What Spanish Entities Must Do in 2026
INCIBE and CCN are enforcing NIS2 across Spain with sector-specific audits and registration mandates. Essential entities face €10M fines. Complete guide to Spanish NIS2 transposition, INCIBE oversight, and compliance steps for operators.
NIS 2 · · 8 min read
NIS2 Board Liability: Personal Fines, Bans, and What Management Must Know in 2026
NIS2 Article 20 holds management bodies personally liable for cybersecurity failures. This guide explains personal fines, temporary bans, and the 7 steps boards must take to protect themselves in 2026.
NIS 2 · · 10 min read
NIS2 Compliance for IT Managers: The Action Plan That Actually Works in 2026
Step-by-step NIS2 compliance action plan for IT managers and CISOs. Practical implementation guide covering risk management, incident reporting, security governance, supply chain security, and business continuity — with free tools and templates.
NIS 2 · · 5 min read
BSI Opens NIS2 Enforcement: What German Entities Must Do Before the Audit
BSI has begun NIS2 enforcement audits. Essential entities in Germany face up to €10M fines. Here is what your audit readiness checklist looks like for 2026.
NIS 2 · · 6 min read
NIS2 Compliance Checklist for 2026: What Brokers Need to Verify Before Coverage Placement
Before placing cyber coverage for NIS2 in-scope clients, verify these 10 compliance checkpoints. Missing documentation is the most common coverage gap.
NIS 2 · · 9 min read
NIS2 Penalties Explained: Essential vs Important Entities and What They Mean for Coverage
NIS2 fines range from €7M to €10M depending on entity classification. Understand essential vs important entity penalties and how compliance posture affects cyber insurance pricing.
NIS2 Penalties · · 6 min read
NIS2 Penalties & Fines Explained: What Organizations Actually Face in 2026
NIS2 fines can reach €10 million or 2% of global annual turnover—whichever is higher. This breakdown explains exactly which penalties apply to essential vs important entities, what triggers enforcement, and how underwriters should factor penalty exposure into cyber risk assessment.
NIS 2 · · 16 min read
NIS2 Underwriting Questions: What Every Cyber Insurance Broker Should Ask
Practical Line 1, Line 2, and Line 3 underwriting questions for NIS2-exposed clients. Essential vs important entities. Coverage gaps brokers should flag.
NIS2 Compliance Checklist · · 18 min read
NIS2 Compliance Checklist 2026: Complete Guide for Insurance Professionals
Complete NIS2 compliance checklist with requirements, deadlines, and implementation steps. Get your organization compliant with our expert guide.
NIS 2 · · 17 min read
What is NIS2 Compliance? A Complete Guide for 2026
Master NIS2 compliance in 2026. Understand the EU cybersecurity directive, who it affects, key requirements, penalties, and how to prepare before enforcement.
NIS2 Incident Reporting · · 18 min read
NIS2 Incident Reporting: 24-Hour, 72-Hour, and 1-Month Requirements Explained
Complete guide to NIS2 incident reporting timelines, requirements, and procedures. Learn what must be reported, when, and to whom under the EU cybersecurity directive.
NIS 2 · · 10 min read
The NIS2 Audit Crunch: What Underwriters Need to Know Before June 30, 2026
With the June 30, 2026 NIS2 compliance audit deadline approaching, cyber underwriters face a narrow window to reassess risk profiles across their entire European portfolio. Here is what the audit requirement means for how you evaluate, price, and write cyber coverage.