Komplyo blog
Security & compliance, explained
Practical guides on NIST CSF 2.0, ISO 27001, SOC 2, GDPR and NIS2 for European SMEs and scale-ups — without the jargon.
14 min read
NIS2 Directive for SMEs: What You Actually Need to Do
Is your SME in scope for NIS2? The 10 Article 21 measures, the 24h/72h/1-month reporting rule, fines, and a realistic compliance roadmap — in plain English.
- NIS2
- Compliance
- NIST CSF
13 min read
SOC 2 vs ISO 27001 for SMEs: which one actually fits your business?
SOC 2 or ISO 27001? A practical comparison for SMEs — scope, cost, timeline, and market recognition — so you pick the right security framework the first time.
- ISO 27001
- SOC 2
- Compliance
10 min read
Business Impact Analysis for SMBs: What Actually Needs Protecting?
Run a Business Impact Analysis (BIA) for your SMB: prioritize assets by business criticality, not just IT value. A step-by-step guide based on NIST, CISA & ANSSI.
- BIA
- NIST CSF
- Business continuity