Modern Cybersecurity: Controls, Governance, and Threats

Overview of cybersecurity strategies and compliance, ranging from high-level European Union directives to practical personal security advice. The Directive (EU) 2022/2555 establishes a rigorous regulatory framework for essential and important entities across the EU, requiring stringent risk-management measures, incident reporting protocols, and cooperation mechanisms via the CSIRTs network and ENISA. Complementing this, other documents discuss the importance of security controls in enterprise settings, categorising them as technical, administrative, and physical, and reference frameworks like the NIST Cybersecurity Framework (CSF) 2.0 and ISO 27001:2022 for structured risk management. Finally, several texts offer consumer and employee guidance, emphasising the use of Multi-Factor Authentication (MFA), password managers, and network segmentation (such as using separate VLANs for IoT devices) to mitigate risks like phishing and address the growing data privacy concerns posed by Artificial Intelligence (AI).