<?xml version="1.0" encoding="utf-8" standalone="yes"?><rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom"><channel><title>INCIBE on PROTISEC — AI-Powered Enterprise Cybersecurity</title><link>https://protisec.com/tags/incibe/</link><description>Recent content in INCIBE on PROTISEC — AI-Powered Enterprise Cybersecurity</description><generator>Hugo</generator><language>en</language><lastBuildDate>Tue, 10 Mar 2026 00:00:00 +0000</lastBuildDate><atom:link href="https://protisec.com/tags/incibe/index.xml" rel="self" type="application/rss+xml"/><item><title>NIS2 in Spain: What SMEs Need to Do Before August 2026</title><link>https://protisec.com/blog/nis2-spanish-smes-2026/</link><pubDate>Tue, 10 Mar 2026 00:00:00 +0000</pubDate><guid>https://protisec.com/blog/nis2-spanish-smes-2026/</guid><description>&lt;p&gt;The EU Network and Information Security Directive (NIS2) entered into force across EU member states in October 2024. Spain transposed it via the &lt;strong&gt;Ley de Seguridad de las Redes y Sistemas de Información&lt;/strong&gt; (LSSI-NIS2). For Spanish SMBs in affected sectors, the clock is running.&lt;/p&gt;
&lt;h2 id="who-is-actually-affected"&gt;Who Is Actually Affected&lt;/h2&gt;
&lt;p&gt;NIS2 expanded the scope dramatically compared to its predecessor. In Spain, the following sectors are now covered:&lt;/p&gt;
&lt;ul&gt;
&lt;li&gt;Energy (electricity, oil &amp;amp; gas, district heating)&lt;/li&gt;
&lt;li&gt;Transport (road, rail, air, maritime)&lt;/li&gt;
&lt;li&gt;Banking and financial market infrastructure&lt;/li&gt;
&lt;li&gt;Health (hospitals, pharma manufacturing, R&amp;amp;D)&lt;/li&gt;
&lt;li&gt;Drinking water and wastewater&lt;/li&gt;
&lt;li&gt;Digital infrastructure (DNS, cloud, data centres, CDN providers)&lt;/li&gt;
&lt;li&gt;ICT service management (MSPs, MSSPs)&lt;/li&gt;
&lt;li&gt;Public administration&lt;/li&gt;
&lt;li&gt;Space&lt;/li&gt;
&lt;/ul&gt;
&lt;p&gt;The &lt;strong&gt;size threshold matters&lt;/strong&gt;: medium enterprises (50+ employees or €10M+ revenue) in essential sectors fall under NIS2. Some critical entities regardless of size are also in scope. If you are an MSP or MSSP, you are almost certainly in scope.&lt;/p&gt;</description></item></channel></rss>