1 min read
Building Europe’s AI Future from the Atlantic Coast
The global race to build next-generation AI infrastructure is accelerating at unprecedented speed. Across the industry, the conversation has shifted...
2 min read
Fernando Fainzilber
:
Updated on June 15, 2026
The transposition of Directive (EU) 2022/2555 (NIS 2) into Portuguese law, formalised by Decree-Law No. 125/2025 of 4 December, marks a defining moment for national digital security. As a data centre provider operating in the Digital Infrastructure sector, and classified as an Essential Entity, we see this new legal framework not as a regulatory burden, but as a strategic opportunity to strengthen collective resilience across companies and society.
The digital threat landscape is increasingly severe, with cyberattacks growing in both volume and sophistication, carrying disruptive potential for critical assets. NIS 2 is the European Union’s robust response, designed to ensure a high common level of cybersecurity across Member States, reinforce public trust, and enhance the resilience of essential services.
A Collaborative Approach to Security

This transformation calls for a positive, cooperative mindset. The new regime explicitly promotes collaboration between public and private sectors, aiming to build an architecture of convergence, interoperability, and shared responsibility. Institutions such as the National Cybersecurity Centre (CNCS) in Portugal and similar ones across Europe will play a pivotal role in prevention, detection, response, and recovery, acting as allies in this national and regional security effort. This collaborative approach strengthens our ability to anticipate and mitigate threats before they materialise.
Aligning with Global Best Practices
The legislation requires a systematic approach to risk management, supported by technical, operational, and organisational measures. Importantly, the framework aligns with international standards, introducing the National Cybersecurity Reference Framework (QNRCS) as a benchmark for good practices. Compliance efforts will naturally converge with globally recognised standards such as ISO 27001, SOC 2, and NIST CSF.
For organisations that embrace security-by-design principles, such as Start Campus, which prioritises integrated security, NIS 2 validates a fundamental truth: anticipation and proactive defence are our strongest safeguards.
Guidance: Preparing for NIS 2 Compliance
For organisations beginning their compliance journey, the key is to view this as an investment in operational excellence, not a cost burden. Here are five essential steps:
Beyond Compliance: Building Resilience
By embracing NIS 2 proactively, we strengthen Portugal’s digital defences, not only avoiding penalties, but more importantly, mitigating operational disruptions caused by increasingly severe cyber threats.
NIS 2 is not just regulation, it is an opportunity to build a safer, more resilient digital future for all.

Head of Security, has a deep understanding of security in data center newbuilds and launches, having worked internationally for Amazon Web Services, most recently as Cluster Security Manager in Israel.
Get in touch with Fernando Fainzilber
1 min read
The global race to build next-generation AI infrastructure is accelerating at unprecedented speed. Across the industry, the conversation has shifted...
1 min read
The data center market in Europe is booming and yet is beginning to look completely different than it was. International market research and market...
1 min read
As Europe rethinks its role in the global digital and energy landscape, one location is rapidly gaining strategic importance: Sines, Portugal. ...