CONTACT REQUEST
|
HomeIT Services ProviderIT Security
Specialty Β· IT Services / 01

IT security
& cyber protection 2026.

Firewall, endpoint protection, security operations centre and regular pen-tests. NIS2-ready for mid-market β€” we ship measures instead of selling compliance checklists.

Request security audit
IT-Sicherheit & Cyber-Schutz
Why now

NIS2 is no longer optional.

The EU directive NIS2 has covered tens of thousands of mid-market companies since 2024. Fines up to €10M or 2 % of annual revenue. We bring you technically and organisationally into compliance β€” no consulting babble, just measures running in the console.
Alexander Ohl Alexander OhlFounder Β· Pragma-Code
Cybersecurity & Compliance

Cyber Resilience and NIS2 Compliance

Since 2025, the EU NIS2 directive obliges thousands of companies across the DACH region to implement active risk management. Non-compliance means severe fines and personal liability for management.

NIS2 Directive and Cyber Resilience for SMEs

What NIS2 Means for Your Business

πŸ“‹ NIS2 Scope & Obligations

Does the NIS2 directive apply to your company? From as few as 50 employees or €10M revenue, strict obligations kick in: risk management, 24-hour incident reporting, and supply chain security.

⚠️ Avoiding Severe Penalties

Violations can result in fines of up to €10M or 2% of global annual revenue. Additionally, personal liability of managing directors is at stake β€” a risk no SME should ignore.

πŸ›‘οΈ Multi-Layer Defence

Our approach: Zero-trust architecture, advanced Endpoint Protection (XDR), SIEM monitoring, and regular employee awareness training form a seamless defence system.

πŸ” Pragma-Code Cyber Audit

Our structured cyber audit identifies your gaps, assesses your NIS2 readiness, and delivers a concrete action plan β€” from self-assessment to full certification preparation.

Read the NIS2 Guide for SMEs
Services Β· 04

Four pillars of modern IT security.

What we typically deliver β€” from edge to endpoint.

Firewall & network security

Next-gen firewalls (FortiGate, Sophos), network segmentation, IDS/IPS, secure remote access via VPN/ZTNA.

Endpoint protection (EDR)

CrowdStrike, SentinelOne or Defender for Endpoint β€” behaviour-based, AI-supported, with central console.

Security operations centre

SIEM/SOAR with 24/7 monitoring, threat hunting and automated incident response β€” external or hybrid.

Audit & pen-test

External pen-tests, internal vulnerability scans and phishing simulations β€” annually or on demand.

Process Β· 04 steps

From audit to secure operations.

Systematically harden instead of patching ad-hoc.

01

Audit

Inventory: firewall rules, endpoint status, patch level, identity hygiene, NIS2 gaps.

02

Hardening

Quick wins first: MFA everywhere, critical patches, EDR rollout, network segmentation.

03

Monitoring

SIEM/SOAR integration, 24/7 alerts with clear escalation, incident response runbooks.

04

Optimisation

Quarterly pen-tests, monthly phishing tests, continuous compliance reports.

FAQ Β· 04

Frequently asked security questions.

Answers on NIS2, pen-tests and incident response.

Are we affected by NIS2?
Medium companies (50–249 employees, > €10M revenue) in 18 sectors β€” from energy to transport to digital β€” are directly affected. Suppliers indirectly. We check your exposure in the audit.
How long does a security audit take?
Baseline audit for mid-market environment 3–5 business days. Deep pen-test 2–4 weeks depending on scope. NIS2 gap analysis adds 1 week.
What happens during a security incident?
24/7 hotline for P1 incidents. Within 30 minutes a security engineer is in the console. Containment, forensics, regulator notification (BSI mandatory under NIS2) and recovery follow fixed runbooks.
Do we really need a next-gen firewall?
If you have remote workers, use cloud services, or face compliance requirements: yes. Classic port/protocol firewalls are too blind in 2026. NGFWs see application traffic, block malware downloads and stop lateral movement.
Latest insights

Expert articles.

Background on NIS2, cyber resilience and EDR.

The Future of IT Security

The Future of IT Security

Cyber threats in 2026 and how SMBs can defend themselves.

Read more
NIS2 for the Mid-Market

NIS2 for the Mid-Market

Which obligations are coming β€” and how to become compliance-ready.

Read more
Cyber Resilience 2026

Cyber Resilience 2026

Cloud, AI and new attack vectors β€” defence in a multi-layer model.

Read more
Available for new security projects

Protect your IT assets.

We start with a free security quick check β€” 10 findings within 5 business days.

Request security audit