NIS2, the EU’s second Network and Information Systems Directive, is not going anywhere. While the swathe of organisations newly in scope of the EU’s hallmark cybersecurity directive may have hoped that the EU’s recent...more
2/24/2026
/ Critical Infrastructure Sectors ,
Cybersecurity ,
Digital Platforms ,
Electronic Communications ,
Electronic Data Transmissions ,
EU ,
European Commission ,
Proposed Legislation ,
Regulatory Oversight ,
Regulatory Requirements ,
Reporting Requirements ,
Telecommunications
The requirement of NIS2 that in-scope entities adopt measures to ensure the security of its immediate supply chain is one of the lesser discussed aspects of the Directive. ...more
12/12/2025
/ Contract Terms ,
Cybersecurity ,
Due Diligence ,
ENISA ,
EU ,
EU Directive ,
European Commission ,
Regulatory Requirements ,
Risk Management ,
Subcontractors ,
Suppliers ,
Supply Chain
The NIS2 Directive marks a significant evolution in the European Union’s approach to cybersecurity, expanding both the scope of regulated entities and the depth of compliance obligations. These rules are essential for...more
11/26/2025
/ Board of Directors ,
Business Entities ,
Compliance ,
Corporate Governance ,
Cybersecurity ,
Digital Operational Resilience Act (DORA) ,
Enforcement Actions ,
EU ,
EU Directive ,
Liability ,
Member State ,
New Legislation ,
Regulatory Requirements ,
Risk Management ,
Training Requirements
The European Space Agency launched the James Webb Space Telescope on Christmas Day 2021 from its facility in French Guiana. A collaboration between NASA, CSA and ESA, the JWST’s launch could not have gone better – a perfect...more
11/24/2025
/ AI Act ,
Artificial Intelligence ,
Court of Justice of the European Union (CJEU) ,
Cybersecurity ,
DATA Act ,
Data Management ,
Data Privacy ,
Data Protection ,
Data Protection Impact Assessments (DPIAs) ,
Data-Sharing ,
ENISA ,
EU ,
European Commission ,
General Data Protection Regulation (GDPR) ,
NASA ,
New Legislation ,
Proposed Legislation ,
Regulatory Agenda ,
Regulatory Reform ,
Regulatory Requirements ,
Reporting Requirements ,
Small and Medium-Sized Enterprises (SMEs)
Introduction -
The NIS2 Directive marks a significant evolution in the European Union’s approach to cybersecurity, introducing more stringent requirements and expanding the scope of covered sectors to address emerging...more
11/11/2025
/ Compliance ,
Cross-Border Transactions ,
Cybersecurity ,
Digital Service Providers ,
EU ,
Incident Response Plans ,
Member State ,
Multinationals ,
Network and Information Security Directive ,
Regulatory Oversight ,
Regulatory Requirements ,
Reporting Requirements ,
Risk Management
Since its announcement during the King’s Speech on 17 July 2024, there has been much anticipation over the contents of the Cyber Security and Resilience Bill (“CS&R Bill“) and in particular the extent to which it will bring...more
Since its announcement during the King’s Speech on 17 July 2024, there has been much anticipation over the contents of the Cyber Security and Resilience Bill (“CS&R Bill“) and in particular the extent to which it will bring...more
Introduction It wouldn't be much of an exaggeration to say that NIS2 is the acronym on everyone's lips. When coupled with its European sister legislation DORA, we encounter a regulatory twosome that make GDPR feel like...more
10/2/2024
/ Critical Infrastructure Sectors ,
Cyber Attacks ,
Cyber Threats ,
Cybersecurity ,
Cybersecurity Framework ,
Data Security ,
EU ,
Regulatory Agenda ,
Risk Assessment ,
Risk Management ,
Supply Chain ,
UK