Press Room
Cipher and ECIJA host NIS2 Challenge to help Spain’s leading companies prepare for EU’s latest cybersecurity directive
The event, organized for security, technology and compliance officers from a range of companies, focused on tackling the core challenges of implementing NIS2.
Madrid, June 17, 2025 – Cipher, the cybersecurity division of Prosegur Group, and ECIJA, a law firm specializing in tech and legal advisory, organized—together with CIONET (the global private network of CIOs and tech leaders)—NIS2 Challenge, a session designed to help organizations analyze and prepare for the demands of the European NIS2 directive. The event stems from the strategic partnership between Cipher and ECIJA to jointly deliver end-to-end governance, risk and compliance (GRC) and cybersecurity solutions in Spain, Portugal, and Latin America. This alliance also enables clients to fully comply with national cybersecurity legislation.
Directed at security, tech, and compliance leaders from companies such as BBVA, Talgo, Repsol, and Valoriza, the session aimed to address the key challenges businesses face in adopting NIS2. Cipher and ECIJA conducted a hands-on workshop exploring three core issues: vulnerability management, third-party risk assessment, and readiness for certification bodies and supervisory authorities. The goal was to compare approaches, share best practices, and outline strong, realistic responses.
NIS2 Challenge was designed to deliver a holistic perspective that combines legal and technical insights, enabling a secure and efficient transition to the new regulatory framework. The practical Governance, Risk, and Compliance approach allowed companies to analyze digital security management in depth and outline technical and compliance roadmaps for implementing applicable frameworks such as DORA, NIS2, Spain’s National Security Scheme, or the General Data Protection Regulation (GDPR).
David Fernández, General Manager at Cipher, emphasized the significance of the event, stating:
“NIS2 marks a turning point in how organizations must approach cybersecurity. Through this event, we aim to provide companies with a clear roadmap—rooted in technical expertise—so they can adapt confidently and get ahead of potential risks.”
Alonso Hurtado, Partner of IT, Risk & Compliance at ECIJA, added:
“Beyond legal compliance, NIS2 requires organizations to embed cybersecurity into their strategic core. Today’s session was not only about the regulatory framework but also how to turn effective incident management into a competitive advantage.”
Jesús Yáñez, also Partner of IT, Risk & Compliance at ECIJA, highlighted the value of the joint initiative:
“The collaboration between Cipher and ECIJA offers a true 360º perspective, combining the legal and technical know-how required to tackle NIS2 challenges effectively and reliably.”
Held in an interactive workshop format, the event enabled attendees to engage with experts, resolve specific queries, and share experiences with peers from the cybersecurity and compliance fields.
A Successful Collaboration
Cipher and ECIJA have been applying the latest technological advances in their respective fields for decades. As part of this partnership, Cipher has deployed solutions like xMDR and SPIP (Security Posture Improvement Plan), a cybersecurity service combining architects and ethical hackers to detect vulnerabilities and misconfigurations across clients’ tech ecosystems. These insights help shape tailored remediation plans and ease the path to compliance—cutting down both time and costs. The result is a business-driven, risk-focused cybersecurity strategy designed to protect assets and ensure full regulatory alignment.
In turn, ECIJA supports the organizational and legal implementation of cybersecurity master plans, helping clients comply with frameworks such as DORA, NIS2, the National Security Scheme, GDPR and relevant international standards like ISO 27001, 27701, or 2330