Subject: “Updates and deep dive into Information Security Regulations”
Date: Tuesday, 24 June 2025
Time: 15:00 to 18:00
Venue: Cleopatra Hotel, Nicosia
Language: English
CPE Points (Continuous Professional Education): 3 CPEs
Instructors: Demos Demou, Michalis Kassini, Constantinos Solomonides
Course Objectives:
Title: Information Security Regulatory Obligations
Objectives:
- To provide a comprehensive overview of current regulatory frameworks and obligations related to information security.
- To explore the impact of non-compliance and data breaches on organizational risk and reputation.
Expected Outcomes:
- Enhanced awareness of applicable regulatory requirements governing information security.
- Improved ability to identify and address compliance gaps within your organization.
- Practical knowledge of policies, controls, and documentation practices to meet regulatory standards.
- Strengthened collaboration between security, legal, and compliance teams.
Title: Developments around the NIS2 Directive
Overview of the NIS2 Directive, emphasising how organisations can align their practices with the directive’s expanded requirements. We will explore key components necessary for compliance and discuss strategies for improving cybersecurity posture.
Objectives:
- To introduce the NIS2 Directive and its implications for businesses.
- To identify the different entities affected by NIS2 and their specific requirements.
- To outline a roadmap for achieving compliance with NIS2.
Output Benefits:
- Enhanced understanding of the NIS2 Directive and its impact on cybersecurity.
- Clarity on business-specific requirements under NIS2.
- Practical knowledge on aligning with industry-standard practices for risk mitigation.
- Guidance on developing a tailored roadmap for NIS2 compliance.
Title: The new era of DORA
- Objectives: Understand the purpose of DORA and its main principles and objectives.
- Output: After the presentation, attendees will have a basic knowledge of the DORA regulation, its objectives and its key requirements.
Instructors:
Demos is the CEO of Reg4Tech Ltd, an IT Audit and IT Consulting services company with a vast portfolio of offerings across industries.
Demos's experience centres on understanding, evaluating and validating the Information Systems and business procedures of a large number of companies operating locally and abroad. He has 20 years of experience in providing Information Systems (IS) Audits, Security Management reviews, Risk Management, IT Governance, Data Protection and IT Compliance reviews. His experience extends to Third Party Assurance controls reporting (ISAE 3402/SOC1 & ISAE 3000/SOC2), implementing and auditing Business Continuity Management (BCM) in line with the ISO 22301 standard, implementing and auditing Information Security Management (ISMS) in line with the ISO 27001 standard, and Security Awareness and Data Protection training.
Demos led IT Audit and IT Consulting services in a Big 4 company in Cyprus for various industries (Banking, EMIs/PIs, Forex, Investments, Insurance, Telecoms, retail, hospitality, shipping), with the aim of helping companies identify, evaluate and respond to their IT weaknesses and IT risks. As part of these projects, he advised companies on how to enhance their IT strategy and internal IT controls.
Demos is the Immediate Past President and a Board member of ISACA’s Cyprus chapter, an affiliated member of the ISACA international “Information Systems Audit and Controls Association” (ISACA).
Demos is also the Chair of the Technology & Innovation Centre of Excellence at Russell Bedford International.
Michael is a Manager in PwC’s Digital Trust team with over ten years of experience in technology risk, IT audit, and consulting. He specialises in cybersecurity transformation and regulatory compliance, with deep expertise in assessing the security posture of hybrid IT environments and developing practical, risk-based strategies to enhance maturity in line with best practices and international standards. Michael leads PwC Cyprus’s capabilities on the NIS regulation.
He supports both private and public sector organisations in implementing and assessing enterprise-wide technology risk frameworks, compliance programs, and IT strategies. His focus areas include the management and delivery of projects related to organisational and control assessments across multiple regulatory and best practice frameworks, such as ISO 27001, NIS2, EBA Guidelines, DORA, GDPR, and CIS and SOC control reporting.
Constantinos Solomonides is an Information Security Analyst in the banking sector. He is a graduate of the University of Southampton, holding an MSc in Cyber Security and Risk Management, and of the University of Cyprus, with a BSc in Computer Science. Constantinos is also CISA and CISM certified by ISACA. He has previous experience in the Forex industry as a platform and security administrator, and 4 years of experience in consulting firms as a Cyber Security Consultant and IT auditor. For the last 3 years, Constantinos has worked as an Information Security Analyst at the Bank of Cyprus, where he is responsible for Regulatory Compliance, Cyber Resilience and ICT Incident Management.