The NIS2 Directive expands the number of organizations required to implement cybersecurity measures across the European Union. Its goal is to strengthen the protection of essential sectors and improve resilience against increasingly frequent and sophisticated cyber threats.
While many organizations believe this regulation only applies to large corporations or critical infrastructure, the reality is quite different. NIS2 significantly expands the number of companies required to implement cybersecurity measures and, in many cases, also applies to suppliers that are part of the supply chain.
It is important to keep in mind that NIS2 is a European directive that each country must transpose into its national legislation. In Spain, the future Cybersecurity Coordination and Governance Act—which will implement these requirements—is still going through the legislative process as of the date of this article. As a result, some details, including specific thresholds, deadlines, and enforcement provisions, will be confirmed once the law is enacted. Even so, taking a proactive approach remains the best course of action.
Does my company need to comply with the NIS2 Directive?

Does my company need to comply with the NIS2 Directive?
Jul 13, 2026 9:00:03 AM
3
min read
Managed cybersecurity vs. internal IT department: Cost comparison

Managed cybersecurity vs. internal IT department: Cost comparison
Jul 9, 2026 9:00:00 AM
3
min read
Cybersecurity in beauty sector companies: real business impact, costs, and NIS2/ENS compliance

Cybersecurity in beauty sector companies: real business impact, costs, and NIS2/ENS compliance
Jun 30, 2026 10:45:00 AM
2
min read
Logistics: GPS spoofing and attacks on transportation fleets

Logistics: GPS spoofing and attacks on transportation fleets
Jun 30, 2026 9:00:00 AM
4
min read
NIS2: What we already know (and what you can do) while we wait for the law

NIS2: What we already know (and what you can do) while we wait for the law
Jun 25, 2026 9:00:00 AM
4
min read
Differences between IT and OT security in industrial environments

Differences between IT and OT security in industrial environments
Jun 22, 2026 9:00:00 AM
3
min read
Algorithmic sabotage: the risk of data poisoning in in-house AI models

Algorithmic sabotage: the risk of data poisoning in in-house AI models
Jun 11, 2026 9:00:00 AM
3
min read
Data protection in aesthetic clinics and beauty centers

Data protection in aesthetic clinics and beauty centers
Jun 8, 2026 9:00:00 AM
5
min read
Data exfiltration through "screenshots" and personal devices

Data exfiltration through "screenshots" and personal devices
Jun 4, 2026 9:30:00 AM
3
min read
Legacy software: the silent risk of modern cybersecurity

Legacy software: the silent risk of modern cybersecurity
Jun 2, 2026 9:00:00 AM
5
min read
Human factor errors in companies: The risk of authentication fatigue

Human factor errors in companies: The risk of authentication fatigue
May 28, 2026 9:00:00 AM
2
min read
ChatGPT in the company: cybersecurity and risk mitigation guide

ChatGPT in the company: cybersecurity and risk mitigation guide
May 21, 2026 9:00:00 AM
3
min read


