login

The Perfect Storm, What being Digital Sovereign, NIS2 and CRA mean for your IT Strategy
.ical
2025-10-01 , OSPO, governance and business

This session’s header image

Perfect Storm: "A confluence of events that drastically aggravates a situation."

In "The Perfect Storm," we'll explore the critical confluence of digital sovereignty, the NIS2 directive, and the Cyber Resilience Act (CRA). These new regulations create a "perfect storm" that significantly increases personal liability for C-level, with fines reaching up to €10 million per incident. This session will outline who is liable and the immediate actions you must take to achieve and maintain compliance.

IT security has never been more crucial. This talk dives into the "perfect storm" facing the industry, caused by new EU regulations like the Cyber Resilience Act (CRA) and NIS2. These directives introduce personal liability for IT security leaders, making compliance a top priority—and a personal one.

Emiel will guide you through this complex landscape, explaining what you need to do now to protect your organization and yourself. He will specifically focus on Supply Chain Security and answer key questions:

Is a 200-page questionnaire from your suppliers enough?

Who is responsible for supply chain evaluation?

How do standards like the OpenSSF Scorecard, Security Baseline, Common Criteria, and ISO 27001 relate to NIS2 compliance?

Is an ISO 27001 certification sufficient for NIS2?

And what does Forrest Gump's box of chocolates have to do with it all?

Come learn how to navigate this new era of IT security and ensure your strategy is resilient and compliant.

The speaker’s profile picture
Emiel Brok

Emiel Brok is a passionate Open Source Ambassador and a prominent voice in the open-source community. With over 20 years of experience in the business, he has a deep understanding of technology and its role in fostering collaboration and innovation. He is a co-founder and board member of DOSBA, and also serves on the APELL Board. Emiel regularly speaks at industry events and shares his expertise on topics such as digital sovereignty, cybersecurity, and open-source compliance. Through his work, he champions the adoption of open-source and helps organizations navigate the complexities of the modern technological landscape.