Scanning tools, technical testing, monitoring platforms and automated alerts have become common across many organisations and, as a result, most are now able to identify vulnerabilities. However, this has not translated into an equivalent reduction in the number of incidents. The problem rarely lies in the lack of…
For years, cybersecurity strategies have largely focused on external threats: ransomware, phishing, vulnerability exploitation or supply chain attacks. However, there is a risk that continues to grow inside organisations, often without malicious intent, without visible alerts and without going through normal security processes. That risk…
The problem is no longer the lack of policies or audits One of the main concerns for organisations used to be failing to comply with regulatory requirements. Failing audits, lacking documented policies, or not meeting the expectations of customers and regulators was seen as…
Vulnerability management is far from being a new problem, but even so, it continues to be one of the weakest points in most organisations. There are numerous tools and alerts, but the number of exposed vulnerabilities continues to grow, and incidents continue to…
In recent years, business continuity has gained prominence within organisations, largely driven by the entry into force of DORA and the strengthening of the NIS2 Directive. Regulatory requirements have made it clear that operational resilience is no longer optional. Nevertheless,…
The entry into force of DORA and NIS2 (Decree-Law no. 125/2025) has placed cybersecurity at the centre of strategic decision-making within organisations. Gradually, it ceases to be viewed as an exclusively technical issue and assumes a structural dimension within operational…