The entry into force of the Cyber Resilience Act (CRA) introduces a new framework for organisations that develop or deliver digital products in Europe. By 2027, it will be mandatory to ensure that these products meet security requirements throughout their entire lifecycle. …
The Cyber Resilience Act (CRA) introduces a structural shift in how security is understood within the European context. More than a new regulation, it represents a profound change in the responsibility of organisations that develop or deliver digital products. Until…
In recent years, business continuity has gained prominence within organisations, largely driven by the entry into force of DORA and the strengthening of the NIS2 Directive. Regulatory requirements have made it clear that operational resilience is no longer optional. Nevertheless,…
The entry into force of DORA and NIS2 (Decree-Law no. 125/2025) has placed cybersecurity at the centre of strategic decision-making within organisations. Gradually, it ceases to be viewed as an exclusively technical issue and assumes a structural dimension within operational…
Last Friday, Portugal approved the legal framework transposing Directive (EU) 2022/2555 (NIS2). An important step, no doubt. But the real question is: what happens now? My opinion is clear: most organizations are not prepared. And it is not a matter…
Following Europe's Digital Decade strategy to improve the security and resilience of the European digital space, the EU has launched a new proposal to "address market needs and protect consumers from insecure products by introducing common cybersecurity rules for manufacturers…
