NIS2 makes cybersecurity a management responsibility, with registration duties, incident reporting deadlines and personal liability. We take you from "does this apply to us?" to a working, auditable security organization.
Are you an essential or important entity? Which services and suppliers are in scope? Gap analysis against the NIS2 risk-management measures, including supply-chain security.
ISMS build-up aligned with ISO 27001, incident-response and 24h/72h reporting processes, policies that fit your organization instead of shelf-ware, and management training.
Audit preparation, evidence management, continuous improvement, and where OT and embedded systems are involved, we test the systems themselves, not just the paperwork.