Regulatory frameworks, certifications, and cybersecurity best practices
This section gathers articles focused on security standards, regulatory frameworks (GDPR, NIS2, LPM, etc.), and compliance requirements for public and private organizations.
📋 My objective: Provide an operational and contextualized understanding of legal and normative obligations — enriched with concrete examples, critical analysis, and field-proven feedback.
📌 Topics covered:
- GDPR compliance & personal data security
- ISO/IEC standards: 27001, 27002, 27701
- PCI DSS: payment security and audit practices
- Compliance frameworks for CERTs (SIM3, FIRST, PRIS, InterCERT…)
- Legal impacts of NIS2, LPM, DORA, CRA directives
- Embedding compliance in DevSecOps workflows
📚 Available articles:
2025