Security Intelligence Blog on PROTISEC — AI-Powered Enterprise Cybersecurityhttps://protisec.com/blog/Recent content in Security Intelligence Blog on PROTISEC — AI-Powered Enterprise CybersecurityHugoenTue, 10 Mar 2026 00:00:00 +0000NIS2 in Spain: What SMEs Need to Do Before August 2026https://protisec.com/blog/nis2-spanish-smes-2026/Tue, 10 Mar 2026 00:00:00 +0000https://protisec.com/blog/nis2-spanish-smes-2026/<p>The EU Network and Information Security Directive (NIS2) entered into force across EU member states in October 2024. Spain transposed it via the <strong>Ley de Seguridad de las Redes y Sistemas de Información</strong> (LSSI-NIS2). For Spanish SMBs in affected sectors, the clock is running.</p> <h2 id="who-is-actually-affected">Who Is Actually Affected</h2> <p>NIS2 expanded the scope dramatically compared to its predecessor. In Spain, the following sectors are now covered:</p> <ul> <li>Energy (electricity, oil &amp; gas, district heating)</li> <li>Transport (road, rail, air, maritime)</li> <li>Banking and financial market infrastructure</li> <li>Health (hospitals, pharma manufacturing, R&amp;D)</li> <li>Drinking water and wastewater</li> <li>Digital infrastructure (DNS, cloud, data centres, CDN providers)</li> <li>ICT service management (MSPs, MSSPs)</li> <li>Public administration</li> <li>Space</li> </ul> <p>The <strong>size threshold matters</strong>: medium enterprises (50+ employees or €10M+ revenue) in essential sectors fall under NIS2. Some critical entities regardless of size are also in scope. If you are an MSP or MSSP, you are almost certainly in scope.</p>How LockBit Penetrates ICS/OT Networks: An Anatomyhttps://protisec.com/blog/lockbit-icsot-anatomy/Thu, 05 Mar 2026 00:00:00 +0000https://protisec.com/blog/lockbit-icsot-anatomy/<p>The Colonial Pipeline attack in 2021 cost $4.4M in ransom and shut down fuel supply to the US East Coast for six days. The compromise vector: a legacy VPN account with no MFA. The attackers never touched OT systems — they did not need to. The company shut down operations proactively out of fear.</p> <p>This is the new reality of industrial ransomware. The attack does not need to compromise your PLC to be devastating.</p>Private LLMs vs OpenAI API: The Enterprise Security Casehttps://protisec.com/blog/private-llms-vs-openai-enterprise/Sat, 28 Feb 2026 00:00:00 +0000https://protisec.com/blog/private-llms-vs-openai-enterprise/<p>In 2023, Samsung employees leaked proprietary source code by pasting it into ChatGPT. The incident is now a standard case study in enterprise AI risk. Two years later, most large European companies have an AI usage policy. Very few have an AI architecture that actually enforces it.</p> <p>The fundamental problem: cloud LLM APIs process your data on infrastructure you do not control, governed by terms of service that change, subject to regulatory jurisdictions that may not align with your compliance obligations.</p>