From NIS2 to Secure WordPress: a Realistic Compliance Roadmap for Small Agencies and Freelancers

Continue the discussion

Published

July 4, 2026

The EU’s NIS2 directive—transposed into national law from 17 October 2024 onward—imposes tougher cyber-risk management, incident-reporting and supply-chain duties on “essential” and “important” entities. Although only a handful of member states met the deadline, enforcement pressure is already building in 2025, leaving many micro-agencies and solo WordPress professionals exposed. This talk demystifies NIS2 through a WordPress lens. We will translate the directive’s legalese into concrete, platform-specific steps: choosing maintained plugins, adopting least-privilege practices, hardening servers, documenting processes, and preparing 24-hour incident-notification playbooks. We will also tackle the often-ignored supply-chain clause, showing how to vet upstream themes, SaaS tools and hosting providers without a corporate budget. Presented byFrancesco Canovi

Rate this:

Event

WordCamp Lithuania 2025 10

Speakers

Francesco Canovi 8

Language

English 11626

Download
MP4: Low, Original
Subtitles
Subtitle this video →