NIS2 and EU cyber & AI regulation, explained for the people who have to comply.

NIS2 Hub is a content library for compliance officers, CISOs, IT and security leads, and DPOs. We turn NIS2, the EU AI Act, DORA, the Cyber Resilience Act, ISO 27001/42001, GDPR and AI governance into plain-English guides — then point you to open-source tooling benchmarks, webinars, and workshops that help you act on them.

Where guidance turns into action

Three ways to move from reading to doing

Every guide on this site links to one of these, so you never leave with theory and no next step.

Open-source benchmarks

Independent comparisons of open-source SIEM, vulnerability management, firewall/WAF, GRC/compliance, SAST and incident response tooling — mapped to the controls each regulation expects.

Webinars

Live and on-demand sessions on NIS2, the EU AI Act, DORA and GDPR — built for compliance and security professionals who want the practical read, not the press release.

Workshops

Hands-on training on ISO 27001, ISO 42001, AI governance and AI risk management — where your team builds the artefacts an auditor actually asks for.

The regulation library

Start with the rule that is on your desk

Thirteen pillar guides, one funnel

Each pillar answers the informational questions your team is searching for, then routes you to the benchmark, webinar or workshop that helps you comply.

EU cyber directives

NIS2, DORA and the Cyber Resilience Act reshape how essential and important entities handle risk, incident reporting and product security.

EU AI and data rules

The EU AI Act, GDPR and the DSA/DMA/Data Act cluster set the rules for how you build, deploy and govern data-driven and AI systems.

Standards and practices

ISO 27001, ISO 42001, AI governance, AI risk management and cybersecurity risk management give you the frameworks to prove it.

How compliance teams use NIS2 Hub

Step 1: Find your regulation

Pick the pillar for the rule you are working on — NIS2, EU AI Act, DORA, ISO 27001 and more.

Step 2: Understand the requirements

Read the scope, obligations, timelines and penalties in plain language, with the controls spelled out.

Step 3: Choose your tooling

Follow the link into an open-source benchmark that maps tools to the controls the regulation expects.

Step 4: Build the capability

Register for a webinar or sign up for a workshop to turn the plan into audit-ready evidence.

FAQs

Frequently asked questions

Who is NIS2 Hub for?

Company employees who carry out compliance and security work: compliance officers, CISOs, IT and security leads, and data protection officers across the EU and English-speaking markets.

Is this legal advice?

No. These are practical, educational guides to EU cyber and AI regulation. For binding interpretation of how a rule applies to your organisation, consult qualified legal counsel.

Why open-source benchmarks?

Because compliance work runs on tight budgets. Our benchmarks compare open-source SIEM, vulnerability management, GRC and other tooling so teams can see what a capable, low-cost stack looks like.

How do the webinars and workshops work?

Webinars are register-to-attend sessions on specific regulations. Workshops are hands-on, sign-up training days focused on ISO 27001, ISO 42001 and AI governance.

Turn the regulation on your desk into a plan you can defend.

Start with a pillar guide, compare the tooling in a benchmark, and bring your team to a webinar or workshop.