EU funding
|ACN
|cybersecurity compliance
|CRA
|PMI
|cascade funding
|SECURE
|Cyber Resilience Act
|open call
|mSME
SECURE First Open Call 2026: What mSMEs Need to Submit Before 29 March 2026
February 20, 2026
The SECURE First Open Call (28 Jan – 29 Mar 2026) offers up to EUR 30,000 per project at 50% co-financing to help mSMEs achieve Cyber Resilience Act …
cybersecurity
|compliance
|NIS2
|ACN
|CSIRT
|notification
|accountability
|baseline
|roles
|point of contact
|referente
|incident
NIS2 Point of Contact and CSIRT Contact Role: Accountability and Operating Duties
February 18, 2026
NIS2 implementation guidance distinguishes the legal Point of Contact from the operational CSIRT contact role. Practical guide to role formalization,…
cybersecurity
|compliance
|NIS2
|ACN
|supply chain
|baseline
|risk assessment
|GV.SC
|suppliers
|procurement
|contracts
NIS2 Supply-Chain Security: Managing Critical Suppliers and High-Impact Procurements
February 17, 2026
NIS2 supply-chain security is a governance obligation covering supplier identification, risk assessment, contractual integration, and lifecycle monit…
cybersecurity
|compliance
|NIS2
|ACN
|governance
|GRC
|baseline
|evidence
|audit
|documentation
|inventories
|registers
NIS2 Documentary Evidence and Audit Readiness: How to Structure Compliance Proof
February 14, 2026
ACN baseline guidance requires documentary evidence as a core compliance element. Practical guide to evidence families, obligation-to-evidence mappin…
cybersecurity
|compliance
|NIS2
|ACN
|CSIRT
|notification
|baseline
|significant incident
|IS-3
|service level
|availability
|disruption
NIS2 Significant Incident IS-3: Violation of Expected Service Levels
February 13, 2026
IS-3 in the ACN baseline model covers service-level violation incidents affecting entity services and activities. Practical guide to qualification, s…
cybersecurity
|compliance
|NIS2
|ACN
|CSIRT
|notification
|baseline
|significant incident
|IS-2
|integrity
|data modification
NIS2 Significant Incident IS-2: Integrity Loss Affecting Digital Data
February 12, 2026
IS-2 in the ACN baseline model covers integrity loss affecting digital data under entity ownership or control. Practical guide to qualification, evid…
cybersecurity
|compliance
|NIS2
|ACN
|CSIRT
|notification
|baseline
|IS-1
|significant incident
|confidentiality
|data leak
NIS2 Significant Incident IS-1: Confidentiality Loss Affecting Digital Data
February 11, 2026
IS-1 in the ACN baseline model covers confidentiality loss affecting digital data under entity ownership or control. Practical guide to qualification…
cybersecurity
|compliance
|NIS2
|ACN
|CSIRT
|notification
|baseline
|incident typology
|condition
|compromise
|classification
NIS2 Incident Typology Model: Condition, Compromise, and Affected Object
February 10, 2026
ACN baseline guidance classifies significant incidents through condition, compromise, and object of compromise. Practical guide to using the typology…
cybersecurity
|compliance
|NIS2
|ACN
|resilience
|baseline
|backup
|recovery
|RC
|restore
|continuity
|disaster recovery
NIS2 Recovery Controls (RC): Operational Resilience and Service Restoration
February 07, 2026
The NIS2 Recovery (RC) domain defines how entities restore operations after incidents and sustain resilience. Practical guide to restoration procedur…
cybersecurity
|compliance
|NIS2
|ACN
|CSIRT
|baseline
|response
|RS
|containment
|eradication
|incident handling
|remediation
NIS2 Response Controls (RS): Containment and Eradication in Incident Handling
February 06, 2026
Containment and eradication are iterative response steps that limit damage and remove attacker persistence. Practical guide to strategy selection, ev…
cybersecurity
|compliance
|NIS2
|ACN
|incident response
|CSIRT
|baseline
|escalation
|response
|RS
|signaling
|investigation
|forensics
NIS2 Response Controls (RS): Signaling and Investigation Operating Model
February 05, 2026
The NIS2 Response (RS) domain requires structured incident response through signaling, investigation, and iterative decision loops. Practical guide t…
cybersecurity
|compliance
|NIS2
|ACN
|CSIRT
|monitoring
|baseline
|detection
|DE
|SIEM
|log
|triage
|escalation
NIS2 Detection Controls (DE): Event Monitoring and Adversarial Signal Handling
February 04, 2026
The NIS2 Detection (DE) domain requires monitoring networks, services, and endpoints to identify adverse events early. Practical guide to log readine…
compliance
|NIS2
|ACN
|resilience
|baseline
|protection
|PR
|access control
|training
|backup
|data security
|platform security
NIS2 Protection Controls (PR): Technical and Organizational Measures in Execution
February 03, 2026
The NIS2 Protection (PR) domain translates risk decisions into safeguards over identities, data, platforms, and infrastructure. Practical guide to PR…
cybersecurity
|compliance
|NIS2
|ACN
|baseline
|identification
|ID
|asset management
|risk assessment
|vulnerability
|improvement
NIS2 Identification Controls (ID): Inventories, Risk Assessment, and Improvement Cycle
January 31, 2026
The NIS2 Identification (ID) domain covers asset visibility, risk assessment, treatment planning, vulnerability processes, and improvement cycles. Pr…
cybersecurity
|compliance
|NIS2
|ACN
|governance
|supply chain
|accountability
|baseline
|GV
|policy
|roles
NIS2 Governance Controls (GV): Policies, Roles, and Accountability Model
January 30, 2026
The NIS2 Governance (GV) domain defines cybersecurity direction, accountability, and oversight. Practical guide to implementing GV controls: context,…
cybersecurity
|compliance
|NIS2
|ACN
|CSIRT Italia
|Article 25
|incident notification
|notifica incidenti
|24 hours
|72 hours
NIS2 Article 25 in Practice: Incident Notification Obligations and Operating Timeline
January 29, 2026
Article 25 of Italy's NIS decree requires notification of significant incidents to CSIRT Italia. Practical guide to the 24h/72h notification timeline…
cybersecurity
|risk management
|compliance
|NIS2
|ACN
|NIST CSF
|Article 24
|gestione rischio
|baseline
|controls
NIS2 Article 24 in Practice: How to Implement Cybersecurity Risk-Management Measures
January 28, 2026
Article 24 of Italy's NIS decree requires proportionate cybersecurity measures. Practical guide to implementing control families (GV/ID/PR/DE/RS/RC) …
cybersecurity
|compliance
|NIS2
|ACN
|governance
|Article 23
|accountability
|Legislative Decree 138/2024
|management
|organi direttivi
NIS2 Article 23 in Practice: Obligations for Management and Governing Bodies
January 27, 2026
Article 23 of Italy's NIS decree requires governing bodies to formalize cybersecurity governance, approve policies, oversee implementation, and maint…
cybersecurity
|compliance
|NIS2
|ACN
|governance
|NIS
|baseline obligations
|obblighi di base
|Article 23
|Article 24
|Article 25
|incident notification
NIS2 Baseline Obligations in Practice: Master Overview for Governance, Controls, and Incident Operations
January 24, 2026
Master overview of Italy's NIS2 baseline obligations covering governance (Art. 23), risk management (Art. 24), and incident notification (Art. 25). A…