Posts

Showing posts from December, 2025

New NIS-2 Law in Germany Expands Cybersecurity Oversight and Introduces Heavy Fines

Germany is taking decisive steps to strengthen its cybersecurity framework following the rise of digital threats. Last month, the Bundestag adopted the NIS-2 Implementation Act, translating the EU NIS-2 Directive (Directive (EU) 2022/2555) into national law. Published in the Federal Law Gazette on 5 December 2025 and in force since 6 December 2025, the Act modernizes the country’s IT security legislation and broadens the range of entities subject to regulatory oversight. The Federal Office for Information Security (BSI) is tasked with supervision and enforcement under the Act, coordinating cybersecurity across federal agencies in its role as the CISO Bund. The law applies to industrial production, including electronics, machinery, vehicles, and other transport systems. Obligations generally target companies with at least 50 employees or that meet specific revenue and balance sheet thresholds. Certain sensitive sectors, such as telecommunications and digital services, ...

Geopolitics and Cyber Risk: How Global Tensions Shape the Attack Surface

Geopolitics has become a significant risk factor for today’s organizations, transforming cybersecurity into a technical and strategic challenge heavily influenced by state behavior. International tensions and the strategic calculations of major cyber powers, including Russia, China, Iran, and North Korea, significantly shape the current threat landscape. Businesses can no longer operate as isolated entities; they now function as interconnected global ecosystems where employees, suppliers, cloud workloads, supply chains, and data flows intersect across multiple jurisdictions, each with its own unique set of political risks. A region considered low-risk last month could become a high-risk zone overnight if a diplomatic dispute escalates. An overseas development team could suddenly become vulnerable if that region experiences sanctions, stricter regulations, or state pressure on the workforce. Many organizations still underestimate this dynamic reality, relying on static risk models that ...

Why Lateral Movement Is Still the Cyber Threat You Shouldn’t Ignore

Most businesses treat breaches as perimeter problems — patch the firewall, update the antivirus, sleep better at night. But the real threat isn’t how attackers get in — it’s what they do after they’re already inside. That’s the brutal reality of lateral movement, and a recent Global Cloud Detection and Response Report confirms it remains the toughest threat for security teams to spot and stop. Lateral movement isn’t just a fancy buzzword — it’s the phase of a cyberattack where an intruder navigates sideways across systems after gaining initial access. Instead of blasting past perimeter defenses, they quietly escalate privileges, harvest credentials, and hop from one asset to the next. Attackers use legitimate credentials and built-in tools like PowerShell, RDP or SMB to mask their activity, making them extremely difficult to detect. Why does this matter? Because once attackers move laterally: They can reach your crown jewels — databases, domain controllers, backups. Huntress...