Published by ANSSI on March 17, 2026, the ReCyF (Cyber France Framework) translates the requirements of the European NIS 2 Directive into concrete, enforceable obligations for French organizations. This infographic summarizes the key points of the ReCyF to give you a clear and actionable overview of your obligations.

It’s been two years since NIS 2 has been dominating the cybersecurity agenda. Two years of regulations, public statements, and questions without practical answers. DBM Partners and Tenacy have co-authored this guide to put an end to the wait: 7 chapters, a field roadmap, and a bonus compliance checklist—everything you need to take action before the deadlines expire.

Faced with a growing number of standards and increasingly stringent regulatory requirements, IT security teams must do more… with less.
Discover how Air Caraïbes successfully automated its data collection, centralized its management, and drastically reduced the time spent on compliance using Tenacy.

In a highly regulated industry like insurance, maintaining ISO 27001 certification while expanding it to new areas is a real challenge for IT security teams.
Find out how the Henner Group streamlined its compliance management, centralized its data, and saved significant time thanks to Tenacy.

With customer expectations skyrocketing and regulatory standards multiplying, cybersecurity can no longer be viewed as merely a technical issue.
Discover how Onet, a multi-service group with over 80,000 employees, has structured its ISMS, centralized its cybersecurity governance, and turned compliance into a genuine competitive advantage thanks to Tenacy.

80,000 employees, two business units to be certified simultaneously—one of which required building an ISMS from scratch—and a timeline deemed impossible even by the auditor. Find out how Onet rose to this challenge: the obstacles encountered, the key decisions made, and what truly made the difference on audit day.

Discover how Tessi, a European leader in Business Process Services, transformed fragmented and time-consuming cybersecurity management into a centralized, automated, and auditable system—across 15 countries and 13,900 employees.

Find out how Asendia, a global leader in e-commerce and international mail with a presence on four continents, has streamlined its cybersecurity governance by replacing fragmented tools with a unified platform—without increasing its headcount.

With mounting regulations, siloed data, and time-consuming reporting, cybersecurity teams at multi-entity organizations are wasting valuable time on consolidation rather than protection. This guide provides you with three concrete pillars for streamlining your GRC management and transforming your cybersecurity into a driver of performance.

Excel is a general-purpose tool—not acybersecurity platform. This side-by-side comparison clearly shows you what you’re missing out on by sticking with manual files, and what you gain by switching to a dedicated cyber GRC solution.

NIS 2 significantly expands the scope of affected organizations—by a factor of 10 compared to NIS 1. This infographic summarizes the key points: objectives, eligibility criteria, regulatory timeline, and a concrete action plan to help you prepare for your compliance obligations.

‍

Are you looking to structure your cybersecurity management project and compare the solutions available on the market? This turnkey specification guide walks you through the process step by step to help you define your functional, technical, and organizational requirements before choosing your GRC tool.

Cybersecurity budget, cost of attacks, NIS 2 penalties… All the key data you need to understand and justify your company’s cybersecurity investment, at a glance.

ISO 27001 is the leading standard for information security, but its requirements are often unclear. This infographic summarizes the key points: its history, the structure of the 252 controls, what’s new in the 2022 revision, the benefits of certification, and concrete steps to achieve compliance.

Changing regulations, new standards, industry-specific requirements: for a CISO, regulatory monitoring isn’t an option—it’s an ongoing, strategic activity. This practical guide provides a concrete four-step framework to help you structure your monitoring efforts, define your scope, and turnregulatory information into corrective actions.

Learn how to effectively assess the security needs of your information system using the DICP matrix: a simple, structured method tailored to your budget.

We have designed a comprehensive and practical guide, designed to help you master DICP analysis, from understanding it to applying it in your processes.

‍

‍

New regulations, mergers and acquisitions, supplier management… Cybersecurity compliance can’t be winged. Discover how a compliance audit that combines legal and technical expertise can help your organization effectively structure and manage its compliance efforts.

‍

What is a typical day like for a CISO in France, Spain, Germany, or Ireland? This qualitative study, conducted among 33 European cybersecurity leaders, provides a comprehensive overview of the role: responsibilities, challenges, compliance, stress, and future prospects.

Set to take effect in January 2025, the DORA regulation imposes a strict framework for digital operational resilience on financial institutions. This infographic summarizes everything you need to know: objectives, scope, the regulation’s five pillars, timeline, and priority actions to implement.