
Risk and Compliance
Security frameworks, regulatory bodies and cyber law related topics.


Managed Security Services Are Optimised for Detection, Not Survival
How Managed Security Service Providers (MSSPs) are perceived is clear. They are expected to reduce operational risk, help with compliance and respond fast when things go wrong. ENISA's 2025 MSS Market Analysis reveals that this often falls short, especially once incidents move beyond detection. Here are the key gaps between what customers demand, what suppliers deliver and what regulators expect. ENISA’s 2025 MSS Market Analysis was informed by a broad survey of stakeholders acr
Reto Zeidler
Dec 15 · 2 min read


The Cyber Resilience Act is not a product regulation. It is a leadership test.
Over the past two years, a recurring pattern has emerged in incidents across Europe. Vulnerabilities in widely used software components are discovered late, patched unevenly, and communicated poorly. When exploitation follows, the damage spreads across entire ecosystems, not just single organisations. Regulators responded accordingly. The EU Cyber Resilience Act, adopted in 2024 and entering application from 2027, shifts attention to the security of digital products placed on
Reto Zeidler
Dec 15 · 2 min read


Supply Chain Risk: How a Shared Software Target Disrupted Heathrow & Brussels in One Weekend
Between Fri night, 19 Sept, and Sun, 21 Sept 2025, ransomware targeting Collins Aerospace’s MUSE check-in/boarding software disrupted...
Reto Zeidler
Sep 22 · 2 min read


Blindspot Third-Party Risk Management - What CISOs and CROs Need to Know
Third-Party Risk Management (TPRM) has become critical as supply chain attacks surge by 431% since 2021. The 2024 CrowdStrike incident...
Reto Zeidler
May 29 · 3 min read


EU Digital Operation Resilience Act and Why It Matters for Swiss IT Service Providers
The Digital Operational Resilience Act (DORA) establishes a comprehensive regulatory framework for digital resilience in the EU financial...
Reto Zeidler
May 25 · 3 min read


How to Create an Effective AI Security Policy for Your Organization?
AI adoption has exploded since 2023, creating productivity gains but introducing significant security risks including shadow AI, prompt...
Reto Zeidler
May 25 · 3 min read


NIS2: What CISOs Need to Know
NIS2 represents a paradigm shift in EU cybersecurity regulation, mandating stronger security measures across critical sectors. For CISOs,...
Reto Zeidler
May 25 · 3 min read