cybersecurity
|compliance
|NIS2
|ACN
|CSIRT
|notification
|accountability
|baseline
|roles
|point of contact
|referente
|incident
NIS2 Point of Contact and CSIRT Contact Role: Accountability and Operating Duties
February 18, 2026
NIS2 implementation guidance distinguishes the legal Point of Contact from the operational CSIRT contact role. Practical guide to role formalization,…
cybersecurity
|compliance
|NIS2
|ACN
|supply chain
|baseline
|risk assessment
|GV.SC
|suppliers
|procurement
|contracts
NIS2 Supply-Chain Security: Managing Critical Suppliers and High-Impact Procurements
February 17, 2026
NIS2 supply-chain security is a governance obligation covering supplier identification, risk assessment, contractual integration, and lifecycle monit…
cybersecurity
|compliance
|NIS2
|ACN
|governance
|GRC
|baseline
|evidence
|audit
|documentation
|inventories
|registers
NIS2 Documentary Evidence and Audit Readiness: How to Structure Compliance Proof
February 14, 2026
ACN baseline guidance requires documentary evidence as a core compliance element. Practical guide to evidence families, obligation-to-evidence mappin…
cybersecurity
|compliance
|NIS2
|ACN
|CSIRT
|notification
|baseline
|significant incident
|IS-3
|service level
|availability
|disruption
NIS2 Significant Incident IS-3: Violation of Expected Service Levels
February 13, 2026
IS-3 in the ACN baseline model covers service-level violation incidents affecting entity services and activities. Practical guide to qualification, s…
cybersecurity
|compliance
|NIS2
|ACN
|CSIRT
|notification
|baseline
|significant incident
|IS-2
|integrity
|data modification
NIS2 Significant Incident IS-2: Integrity Loss Affecting Digital Data
February 12, 2026
IS-2 in the ACN baseline model covers integrity loss affecting digital data under entity ownership or control. Practical guide to qualification, evid…
cybersecurity
|compliance
|NIS2
|ACN
|CSIRT
|notification
|baseline
|IS-1
|significant incident
|confidentiality
|data leak
NIS2 Significant Incident IS-1: Confidentiality Loss Affecting Digital Data
February 11, 2026
IS-1 in the ACN baseline model covers confidentiality loss affecting digital data under entity ownership or control. Practical guide to qualification…
cybersecurity
|compliance
|NIS2
|ACN
|CSIRT
|notification
|baseline
|incident typology
|condition
|compromise
|classification
NIS2 Incident Typology Model: Condition, Compromise, and Affected Object
February 10, 2026
ACN baseline guidance classifies significant incidents through condition, compromise, and object of compromise. Practical guide to using the typology…
cybersecurity
|compliance
|NIS2
|ACN
|resilience
|baseline
|backup
|recovery
|RC
|restore
|continuity
|disaster recovery
NIS2 Recovery Controls (RC): Operational Resilience and Service Restoration
February 07, 2026
The NIS2 Recovery (RC) domain defines how entities restore operations after incidents and sustain resilience. Practical guide to restoration procedur…
cybersecurity
|compliance
|NIS2
|ACN
|CSIRT
|baseline
|response
|RS
|containment
|eradication
|incident handling
|remediation
NIS2 Response Controls (RS): Containment and Eradication in Incident Handling
February 06, 2026
Containment and eradication are iterative response steps that limit damage and remove attacker persistence. Practical guide to strategy selection, ev…
cybersecurity
|compliance
|NIS2
|ACN
|incident response
|CSIRT
|baseline
|escalation
|response
|RS
|signaling
|investigation
|forensics
NIS2 Response Controls (RS): Signaling and Investigation Operating Model
February 05, 2026
The NIS2 Response (RS) domain requires structured incident response through signaling, investigation, and iterative decision loops. Practical guide t…
cybersecurity
|compliance
|NIS2
|ACN
|CSIRT
|monitoring
|baseline
|detection
|DE
|SIEM
|log
|triage
|escalation
NIS2 Detection Controls (DE): Event Monitoring and Adversarial Signal Handling
February 04, 2026
The NIS2 Detection (DE) domain requires monitoring networks, services, and endpoints to identify adverse events early. Practical guide to log readine…
compliance
|NIS2
|ACN
|resilience
|baseline
|protection
|PR
|access control
|training
|backup
|data security
|platform security
NIS2 Protection Controls (PR): Technical and Organizational Measures in Execution
February 03, 2026
The NIS2 Protection (PR) domain translates risk decisions into safeguards over identities, data, platforms, and infrastructure. Practical guide to PR…
cybersecurity
|compliance
|NIS2
|ACN
|baseline
|identification
|ID
|asset management
|risk assessment
|vulnerability
|improvement
NIS2 Identification Controls (ID): Inventories, Risk Assessment, and Improvement Cycle
January 31, 2026
The NIS2 Identification (ID) domain covers asset visibility, risk assessment, treatment planning, vulnerability processes, and improvement cycles. Pr…
cybersecurity
|compliance
|NIS2
|ACN
|governance
|supply chain
|accountability
|baseline
|GV
|policy
|roles
NIS2 Governance Controls (GV): Policies, Roles, and Accountability Model
January 30, 2026
The NIS2 Governance (GV) domain defines cybersecurity direction, accountability, and oversight. Practical guide to implementing GV controls: context,…
cybersecurity
|risk management
|compliance
|NIS2
|ACN
|NIST CSF
|Article 24
|gestione rischio
|baseline
|controls
NIS2 Article 24 in Practice: How to Implement Cybersecurity Risk-Management Measures
January 28, 2026
Article 24 of Italy's NIS decree requires proportionate cybersecurity measures. Practical guide to implementing control families (GV/ID/PR/DE/RS/RC) …
cybersecurity
|compliance
|NIS2
|ACN
|baseline
|incident typology
|classification
|essential entities
|important entities
|annexes
NIS2 Essential vs Important Entities: Compliance Differences in Baseline Obligations
January 23, 2026
The Italian NIS framework differentiates baseline obligations for essential and important entities across security measures and incident typologies. …