Archive - Angelos Varthalitis

The Package You Saw in January Has Already Changed Twice

Two signals from Brussels — one regulatory, one political — are reshaping the EU cybersecurity and AI framework before formal adoption. Here is what…

May 17 • Angelos Varthalitis

The Ransom Decision Is Now a Disclosure Decision

How NIS2 amendments reframe every ransomware payment as a regulatory event — and why your incident response playbook hasn't caught up.

May 1 • Angelos Varthalitis

April 2026

Two Regulations, One Incident: The Supply Chain Governance Gap Between NIS2 and CRA

The CRA reporting obligations begin on 11 September 2026. Your NIS2 programme is about to discover which parts of its supply chain architecture were…

Apr 21 • Angelos Varthalitis

The Cryptography Clause Nobody Is Reading

NIS2 Article 7(2)(k) turns post-quantum cryptography from a planning aspiration into a regulatory obligation. The transition clock is running — and it…

Apr 16 • Angelos Varthalitis

What Mythos Means for European CISOs

Who Defends the Defenders?

Apr 10 • Angelos Varthalitis

The Threshold That Could Reclassify Thousands of NIS2 Entities

Parliament's push to raise the 'small mid-cap' ceiling is not a minor technical adjustment.

Apr 6 • Angelos Varthalitis

Who Owns AI Security in Your Organization? (Spoiler: Probably No One)

The gap no one is talking about — and the certification built to close it.

Apr 2 • Angelos Varthalitis

March 2026

Europe Has a Cybersecurity Skills Problem. Certifications Are Part of the Answer.

And why Mile2 makes the difference

Mar 27 • Angelos Varthalitis

Your IAM Programme Was Built for Humans. It Has No Idea What to Do With Agents.

Non-Human Identities are the new Shadow AI — ungoverned, fast-proliferating, and now the fastest-growing attack vector in enterprise infrastructure.

Mar 23 • Angelos Varthalitis

AI Governance Without the CISO Is Just Innovation Theatre

If your AI governance committee doesn’t include your CISO, it isn’t a governance committee — it’s a project team with a compliance-shaped blind spot.

Mar 19 • Angelos Varthalitis

Wiper Malware, Broken Laws, and the EU's Big Regulatory Reset

Five stories shaping European cybersecurity this month — and what they mean for your business

Mar 16 • Angelos Varthalitis

Europe's Cybersecurity Landscape Is Shifting — Five Developments You Cannot Afford to Miss

Regulation Is Moving. Enforcement Is Coming. Is Your Business Ready?

Mar 12 • Angelos Varthalitis

#nojs-banner { position: fixed; bottom: 0; left: 0; padding: 16px 16px 16px 32px; width: 100%; box-sizing: border-box; background: red; color: white; font-family: -apple-system, "Segoe UI", Roboto, Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; font-size: 13px; line-height: 13px; } #nojs-banner a { color: inherit; text-decoration: underline; } This site requires JavaScript to run correctly. Please turn on JavaScript or unblock scripts