Categories

Startup

NIS2 in Spain: a technical translation of 2026 obligations

The Spanish draft law transposing NIS2 is still in parliament in 2026, but the directive's technical obligations have applied since October 2024. Practical map: the ten minimum security measures, the 24-hour, 72-hour and one-month incident notification window, and the new supply-chain security obligations.

Artificial Intelligence

LLM red teaming: a practical playbook

LLM red teaming has gone from an esoteric activity to a mandatory practice. With the OWASP Agentic Top 10 and the CSA Agentic AI Red Teaming Guide converging on shared vocabulary, this is the operational playbook any team deploying agents needs to have.

Technology

NIS2: Transposition Status Across Member States

The NIS2 directive entered into force on October 17, 2024, but by mid-2026 only part of the member states have fully transposed it: Germany and the Netherlands closed their law, Spain and France remain in process under pressure from Brussels. Here is what already applies and how to prepare without panic.

Technology

Supply-Chain Attacks: Lessons from 2023

In 2023, software supply chains became attackers' favourite target: MOVEit exposed data from hundreds of organisations through a zero-day flaw, 3CX shipped a trojanised installer to millions of users, and npm and PyPI kept receiving malicious typosquatted packages. The practical defence combines SBOM, artefact signing with Sigstore, SLSA maturity levels, and continuous dependency scanning.

Technology

NIS2: What Europe’s New Directive Changes for Cybersecurity

The NIS2 Directive expands European cybersecurity from 7 to 18 sectors, mandates 10 minimum technical measures and 24-hour incident notification, and imposes fines of up to 10 million euros or 2% of global turnover, with personal liability for management bodies that fail to comply.

Technology

Is the CIO Role Outdated? The Evolution of the Chief Information Officer

The CIO role has been under growing pressure for years. Automation cuts the operational load, merging with the CDO and CTO creates ambiguity over who leads what, and digital transformation demands skills that were not previously required. The CIO who evolves remains indispensable; the one who does not gets left behind.

Technology

Cybersecurity: Protection Against Digital Threats

Cybersecurity combines technical controls (encryption, MFA, network segmentation), team training and an incident response plan to reduce the risk of ransomware, phishing, malware and identity theft. No single measure is enough: effectiveness depends on applying every layer at once and auditing the system regularly.