Accurate identification of legal entities is essential to prevent impersonation, reduce operational risk, and maintain trust in financial and commercial ecosystems.
ENISA’s Cybersecurity Exercise Methodology supports NIS2 and EU Cybersecurity Act compliance while strengthening cyber resilience.
Industry experts join Nomad Digital’s cyber-security compliance team to examine strategies for meeting EU Cyber Resilience Act requirements.
The European Union’s Cyber Resilience Act (CRA) has mandated uniform cybersecurity requirements for hardware and software with digital elements that are placed on the EU market since 2024. The...
AMSTERDAM--(BUSINESS WIRE)--Feb 24, 2026--
AMSTERDAM--(BUSINESS WIRE)--Feb 24, 2026--
BearingPoint announces the launch of two new service offerings designed to address the growing complexity of software supply chains and the upcoming regulato...
BearingPoint launches new services to help organizations gain full software transparency and meet EU Cyber Resilience Act requirements ahead of the 2027 deadline
– Advertisement – Vilnius-based RegTech Copla has secured €6 million in a Series A round led by Iron Wolf Capital, with participation from US-based Operator Stack and existing backers Specialist VC, Superhero Capital, FIRSTPICK, NGL Ventures, Loggerhead Partners, and a group of angel investors. The company builds real-time ICT compliance infrastructure that translates complex frameworks […]
DSIT, CO and DBT are collecting insights from businesses.
On 20 January 2026, the European Commission proposed a comprehensive new cybersecurity package with the aim of strengthening the European Union’s
The new funding will support product development, team growth, and expansion beyond the EU, while advancing Copla Bridge, a platform designed to help organisations manage compliance across multiple entities from a single view.
The white paper explains how the series of standards structures and specifies the CRA requirements and translates them into verifiable requirements.
Representing the digital technology industry in Europe
Lattice Semiconductor (NASDAQ: LSCC), the low power programmable leader, today announced a Cyber Resilience Reference Kit designed to help industrial and edg...
Lattice Semiconductor (NASDAQ: LSCC) announced the launch of a Cyber Resilience Reference Kit developed with EXOR International and TrustiPhi to help industrial and edge device manufacturers accelerate secure system...
Euralarm said the document is intended to help manufacturers understand categorisation and conformity assessment obligations before products can be placed on
The Europe streaming analytics market size was calculated to be USD 13.25 billion in 2025 and is anticipated to be worth USD 37.17 billion by 2034
On 20 January 2026 the European Commission published its proposal for a new cybersecurity package to strengthen the EU's cybersecurity resilience and capabilities in the face of growing threats of sophisticated cyber-attacks, including undue foreign interference. Read our overview of the key points.
According to a recent LinkedIn post from StackHawk, the upcoming EU Cyber Resilience Act (CRA), effective December 2027, is expected to tighten requirements for sof...
According to a recent LinkedIn post from StackHawk, the upcoming EU Cyber Resilience Act (CRA), effective December 2027, is expected to significantly tighten requir...
According to a recent LinkedIn post from StackHawk, the upcoming EU Cyber Resilience Act (CRA), effective December 2027, is expected to materially change how softwa...
NIS2 introduces incident reporting requirements that overlap with GDPR, DORA and other laws. The EU Digital Omnibus promises to streamline these, but questions around notification timelines and liability persist.
According to a recent LinkedIn post from StackHawk, the upcoming EU Cyber Resilience Act (CRA), effective December 2027, is described as materially tightening requi...
A key component of this Package is the proposed "Cybersecurity Act 2.0," which would revise the original 2019 Cybersecurity Act (see our 2019 Alert here). In a nutshell, the new Cybersecurity Act would: Expand the role of the European Union Agency for Cybersecurity ("ENISA") by empowering it to issue early alerts on cyber threats and incidents, manage EU-level threat and incident repositories, operate a unified incident notification platform, support organizations in responding to and recovering from ransomware attacks, and contribute to the development of EU cybersecurity certification schemes. Simplify and enhance the Cybersecurity Certification Framework established under the 2019 Cybersecurity Act, which allows for the certification of information and communication technology ("ICT") products, services, and processes. While, at this stage, certification would remain voluntary for businesses, the proposal introduces three key changes: (i) expanding the scope of the certification so entities can certify their overall cybersecurity posture, creating a presumption of conformity with the NIS2 Directive and other relevant EU legislation; (ii) introducing defined procedures and timelines for the development of new certification schemes, including a default 12‑month period for ENISA to produce a candidate scheme after an EU Commission request; and (iii) aligning certification schemes more closely with EU cybersecurity regulations so businesses can use them as practical compliance tools. Introduce a horizontal framework to strengthen the security of ICT supply chains across critical sectors. The EU Commission would conduct EU‑level risk assessments to pinpoint ICT supply‑chain vulnerabilities, identify critical ICT assets, and assess technical and non‑technical risk factors, including potential third‑state influence. The framework provides for targeted mitigation measures, which may include restrictions or prohibitions on the use of ICT components from suppliers classified as high-risk (i.e., those based in third countries flagged by the EU Commission for cybersecurity concerns, or those that the EU Commission directly designates as posing significant non‑technical risk). The Package will now proceed through the ordinary legislative procedure, with timing not yet specified. Further discussions and amendments are therefore expected. In the meantime, businesses should monitor the process and proactively evaluate how the Package may affect their cybersecurity governance, including by auditing their ICT supply chains.