The cyber threat landscape is constantly evolving. The Enisa Threat Landscape 2025 provides an up-to-date snapshot of emerging risks and trends affecting cybersecurity in Europe

The Code of Practice on General Purpose AI (GPAI), a tool developed by independent experts to help industry implement the European AI Regulation (AI Act), has been published. The Code is a step forward in ensuring security, transparency and copyright…

The Digital Operational Resilience Act (DORA) was created as a response to the increasingly complex technological environment in which financial entities operate, which is characterized by fragmented regulation spread across multiple regulations. The purpose of DORA is to simplify and…

The DORA regulation establishes technical requirements for financial entities and ICT providers in four main areas.

On January 15, 2025, the regulation on the Cyber Solidarity Act was officially published in the Official Journal of the European Union. This legislation aims to enhance EU member states’ coordinated cooperation and response to cybersecurity.

Cybersecurity is a priority for the EU.ENISA, the European Union Cybersecurity Agency, will play a crucial role in strengthening our continent’s digital resilience.

NIS 2 is a key step in information security management for organizations. It is essential to adopt security policies and procedures for incident management, with a focus on the supply chain. As of Dec. 1, 2024, all organizations affected by…

Risk management requires that significant incidents be reported to CSIRT Italy within specific deadlines, ensuring a prompt and appropriate response. Penalties for failure to notify can be severe, with penalties reaching up to 10 million euros or significant percentages of…

After publication in the Official Journal of the European Union on November 20, the regulation will enter into force on the 20th day after publication. The provisions will be applicable from 36 months after that date. However, Article 14, on…