NIS 2 · DORA · Cyber Resilience Act
2026-07-02
France's national cyber agency is navigating four legal regimes and a twentyfold expansion of its remit at once. Because enforcement can only act after an event has happened, defending an ecosystem this much larger depends on training, tooling and staffing capacity built ahead of need, by every actor able to build it.
SWIFT CSCF · DORA · NIS2 · NYDFS 500 · OSFI B-13
2026-06-24
Read the sharpened 7.3A guidance as a checkbox and you will run four tests for four regulators. Read it as one supervisory expression of a global shift to intelligence-led testing, and a single well-designed exercise produces evidence all four accept.
SWIFT CSCF · DORA · NIS2 · NYDFS 500 · OSFI B-13
2026-06-24
Most institutions scope the SWIFT penetration test to the minimum the control names, then commission three more tests for three more regulators. That is the expensive way. One well-designed test, recorded against a shared framework, satisfies them all.
DORA · NIS2 · ISO/IEC 27001
2026-06-20
The device whose entire job is to keep intruders out became the way in. FortiBleed handed attackers verified credentials to ~73,932 Fortinet firewalls, half the internet-facing fleet, without a single new vulnerability. The exploit was patience.
DORA · Operational resilience
2026-06-11
A single faulty channel file took down 8.5 million Windows machines, grounded flights and froze trading desks. Under DORA, the question is no longer 'whose bug?' but 'where was your simulation?'