ACN
|conformità
|GRC
|sicurezza informatica
|NIS
|NIST CSF
|UNI/PdR 174:2025
|ISO 27001
|SGSI
UNI/PdR 174:2025 for NIS Organizations Certified to ISO 27001: What It Changes Operationally
February 20, 2026
ACN published UNI/PdR 174:2025 as an operational bridge between ISO/IEC 27001 and NIST CSF 2.0 for NIS-scoped organizations. It helps ISO-certified e…
NIS2
|ACN
|conformità
|sicurezza informatica
|NIS
|scadenza
|registrazione
|registrazione
|scadenza
|28 febbraio
NIS 2026 Reminder: 8 Days Left Before the 28 February Registration Deadline
February 20, 2026
Organizations in scope of Italy's NIS regime have until 28 February 2026 to complete annual registration via the ACN Services Portal. Both new and pr…
ACN
|conformità
|notifica
|sicurezza informatica
|Law 90/2024
|Legge 90/2024
|tassonomia degli incidenti
|tassonomia incidenti
|NIS
|Allegato A
ACN Adopts Incident Taxonomy Under Law 90/2024: What Obligated Entities Must Do Now
February 20, 2026
ACN adopted the incident taxonomy under Law 90/2024 via the Determina of 9 February 2026. Obligated entities must now report incidents within 24 hour…
NIS2
|ACN
|conformità
|CSIRT
|notifica
|baseline
|sicurezza informatica
|ruoli
|responsabilità
|punto di contatto
|referente
|incidente
NIS2 Point of Contact and CSIRT Contact Role: Accountability and Operating Duties
February 18, 2026
NIS2 implementation guidance distinguishes the legal Point of Contact from the operational CSIRT contact role. Practical guide to role formalization,…
NIS2
|ACN
|conformità
|baseline
|sicurezza informatica
|catena di fornitura
|GV.SC
|fornitori
|approvvigionamento
|contratti
|valutazione del rischio
NIS2 Supply-Chain Security: Managing Critical Suppliers and High-Impact Procurements
February 17, 2026
NIS2 supply-chain security is a governance obligation covering supplier identification, risk assessment, contractual integration, and lifecycle monit…
NIS2
|ACN
|conformità
|GRC
|baseline
|sicurezza informatica
|governance
|audit
|evidenze
|documentazione
|inventari
|registri
NIS2 Documentary Evidence and Audit Readiness: How to Structure Compliance Proof
February 14, 2026
ACN baseline guidance requires documentary evidence as a core compliance element. Practical guide to evidence families, obligation-to-evidence mappin…
NIS2
|ACN
|conformità
|CSIRT
|incidente significativo
|notifica
|baseline
|sicurezza informatica
|IS-3
|livello di servizio
|disponibilità
|interruzione
NIS2 Significant Incident IS-3: Violation of Expected Service Levels
February 13, 2026
IS-3 in the ACN baseline model covers service-level violation incidents affecting entity services and activities. Practical guide to qualification, s…
NIS2
|ACN
|conformità
|CSIRT
|IS-2
|incidente significativo
|integrità
|modifica dei dati
|notifica
|baseline
|sicurezza informatica
NIS2 Significant Incident IS-2: Integrity Loss Affecting Digital Data
February 12, 2026
IS-2 in the ACN baseline model covers integrity loss affecting digital data under entity ownership or control. Practical guide to qualification, evid…
NIS2
|ottobre 2026
|ACN
|conformità
|baseline
|sicurezza informatica
|governance
|piano di implementazione
|scadenza
NIS2 baseline deadline October 2026: 8-month implementation roadmap
February 12, 2026
With the NIS2 baseline adoption deadline set for October 2026, organizations have roughly 8 months left. This guide provides a compressed, phased roa…
NIS2
|ACN
|conformità
|CSIRT
|incidente significativo
|notifica
|baseline
|sicurezza informatica
|IS-1
|riservatezza
|fuga di dati
NIS2 Significant Incident IS-1: Confidentiality Loss Affecting Digital Data
February 11, 2026
IS-1 in the ACN baseline model covers confidentiality loss affecting digital data under entity ownership or control. Practical guide to qualification…
NIS2
|ACN
|conformità
|CSIRT
|notifica
|baseline
|sicurezza informatica
|tipologia degli incidenti
|condizione
|compromissione
|classificazione
NIS2 Incident Typology Model: Condition, Compromise, and Affected Object
February 10, 2026
ACN baseline guidance classifies significant incidents through condition, compromise, and object of compromise. Practical guide to using the typology…
NIS2
|ACN
|conformità
|baseline
|sicurezza informatica
|backup
|resilienza
|ripristino in caso di disastro
|ripristino
|RC
|ripristino
|continuità
NIS2 Recovery Controls (RC): Operational Resilience and Service Restoration
February 07, 2026
The NIS2 Recovery (RC) domain defines how entities restore operations after incidents and sustain resilience. Practical guide to restoration procedur…
NIS2
|ACN
|conformità
|CSIRT
|baseline
|sicurezza informatica
|risposta
|RS
|rimedio
|contenimento
|eradicazione
|gestione degli incidenti
NIS2 Response Controls (RS): Containment and Eradication in Incident Handling
February 06, 2026
Containment and eradication are iterative response steps that limit damage and remove attacker persistence. Practical guide to strategy selection, ev…
NIS2
|ACN
|conformità
|risposta agli incidenti
|CSIRT
|baseline
|sicurezza informatica
|risposta
|RS
|segnalazione
|indagine
|escalation
|analisi forense
NIS2 Response Controls (RS): Signaling and Investigation Operating Model
February 05, 2026
The NIS2 Response (RS) domain requires structured incident response through signaling, investigation, and iterative decision loops. Practical guide t…
NIS2
|ACN
|conformità
|CSIRT
|baseline
|sicurezza informatica
|escalation
|rilevamento
|DE
|monitoraggio
|SIEM
|log
|triage
NIS2 Detection Controls (DE): Event Monitoring and Adversarial Signal Handling
February 04, 2026
The NIS2 Detection (DE) domain requires monitoring networks, services, and endpoints to identify adverse events early. Practical guide to log readine…
NIS2
|ACN
|conformità
|baseline
|sicurezza informatica
|valutazione del rischio
|identificazione
|ID
|gestione degli asset
|vulnerabilità
|miglioramento
NIS2 Identification Controls (ID): Inventories, Risk Assessment, and Improvement Cycle
January 31, 2026
The NIS2 Identification (ID) domain covers asset visibility, risk assessment, treatment planning, vulnerability processes, and improvement cycles. Pr…
NIS2
|UE
|GRC
|risposta agli incidenti
|sicurezza informatica
|catena di fornitura
|Italia
|Cybersecurity Act
|DORA
|ENISA
|sicurezza perimetrale
|VPN
|ransomware
|sanità
|rischio di terze parti
|resilienza digitale
|certificazione
Cybersecurity Monthly Report – January 2026 (Italy, EU, Global)
January 31, 2026
Aegister’s January 2026 monthly cybersecurity report: EU cybersecurity package with Cybersecurity Act revision and NIS2 simplification amendments, DO…
NIS2
|ACN
|conformità
|baseline
|sicurezza informatica
|catena di fornitura
|governance
|GV
|politica
|ruoli
|responsabilità
NIS2 Governance Controls (GV): Policies, Roles, and Accountability Model
January 30, 2026
The NIS2 Governance (GV) domain defines cybersecurity direction, accountability, and oversight. Practical guide to implementing GV controls: context,…
NIS2
|ACN
|conformità
|sicurezza informatica
|notifica degli incidenti
|CSIRT Italia
|articolo 25
|notifica incidenti
|24 ore
|72 ore
NIS2 Article 25 in Practice: Incident Notification Obligations and Operating Timeline
January 29, 2026
Article 25 of Italy's NIS decree requires notification of significant incidents to CSIRT Italia. Practical guide to the 24h/72h notification timeline…
NIS2
|ACN
|conformità
|baseline
|sicurezza informatica
|articolo 24
|gestione del rischio
|gestione rischio
|controlli
|NIST CSF
NIS2 Article 24 in Practice: How to Implement Cybersecurity Risk-Management Measures
January 28, 2026
Article 24 of Italy's NIS decree requires proportionate cybersecurity measures. Practical guide to implementing control families (GV/ID/PR/DE/RS/RC) …