Emerging threats

We support organisations striving to build a trustworthy, safe online environment where users can engage authentically in their communities.
Cross-sector corporatesWe support international government organisations and NGOs working to provide infrastructure or improve the capabilities, security and resilience of their nation.
International programmes and developmentWe support commercial organisations operating in a digital world, seeking to protect their reputation and prevent business disruption caused by cyber attacks and compliance breaches.
UK government and public sectorWe support UK government organisations responsible for safeguarding critical infrastructure, preserving public trust, and maintaining national security.
The Network and Information Security Directive 2 (NIS2) is the EU’s latest directive aimed at strengthening cyber security and resilience across key sectors. It replaces the original NIS Directive with a broader scope and stricter obligations designed to protect critical services from today’s rapidly evolving cyber threat landscape, ensuring the overall resilience and security of EU Member States at a national level.
NIS2 mandates that in scope entities must implement robust risk management and incident response measures, broken down into the following areas (with 4 and 5 most relevant for governments and nationally significant organisations):
Entities must implement robust policies and procedures across key areas including:
Entities must notify a designated national competent authority of cyber security incidents within the following timeframes:
Entities must share cyber threat intelligence via trusted networks to strengthen collective cyber defences.
Who: Government agencies, national CSIRTs, private sector, cybersecurity firms, critical infrastructure operators
What: Information on new cyber threats, ongoing attack warnings, and best practices
Why: To prevent threat spread, speed up response times, and reduce financial and operational impact
EU Member States need cyber crisis management frameworks to ensure a coordinated and effective response to nationally significant cyber incidents, including:
Each Member State must develop a comprehensive national strategy including:
We deliver end-to-end cyber security solutions tailored to NIS2 compliance, combining strategic consultancy, incident response, and information security with robust training and capacity building programmes.
Our proven expertise in building national and organisational cyber resilience ensures our clients are prepared to manage risks, maintain strong defences, and respond effectively to cyber threats across all relevant sectors.
Developing a comprehensive cyber security strategy aligned with NIS2 requirements.
We help clients plan, prepare for and respond effectively to cyber incidents, ensuring uninterrupted operations in a crisis.
This includes implementing Business Continuity Management Systems (BCMS) aligned with ISO 22301 and NIS2 requirements for effective resilience and recovery.
We help organisations prepare for and respond to cyber incidents with speed and confidence.
We design and test incident response plans and playbooks, defining incident categories, and ensuring coordination across teams, to minimise operational disruption.
Auditing and implementing controls to protect sensitive data and critical systems.
We work with governments, regulatory bodies and critical infrastructure operators to design and implement national-level frameworks that define clear roles, responsibilities, and coordinated processes for managing cyber incidents across sectors and stakeholders.
We deliver tailored training programmes designed to upskill personnel, enhance cybersecurity awareness, and build capability to run effective cyber exercises aligned with international best practices.
PGI offers in-depth, established expertise in building and enhancing national and organisational cyber resilience.
We provide comprehensive, strategic services including incident response, business continuity, risk management, and information security, making us a trusted partner for all areas of NIS2 compliance.
We’ve successfully supported over fifty governments with incident response and resilience building across five continents
We work closely with stakeholders across key sectors and governments to ensure incident response frameworks are practical, widely adopted, and support cross-sector coordination.
Our team have an established international reputation as a provider of incident preparedness and response expertise to governments, international agencies and corporate entities.
The UK's upcoming Cyber Resilience Bill will establish a national framework to strengthen cyber defences, aligned with NIS2 and international cyber security standards. It is expected to impact UK organisations providing critical services, MSPs, supply chain partners and public sector firms and bodies.
The recently published Cyber Governance Code of Practice closely aligns with both NIS2 and the upcoming 2025 UK Cyber Resilience Bill, and early implementation will be critical to minimise disruption ahead of future regulations.
New cybersecurity laws can be daunting, but we’re here to ease the process. We can help ensure that your organisation not only meets current cyber security regulations but is also prepared for these future changes.
If your organisation is already certified to ISO 27001 (Information security) or ISO 22301 (Business continuity), you should already be well positioned for the upcoming bill. However, it's essential to review your incident reporting, governance responsibilities, and supply chain security to ensure full compliance before the bill is implemented.
We're here to help! Get in touch with us today to find out how we can support you.
UK organisations that operate in the EU should also consider that they may already fall into scope of the NIS 2 directive and the cyber resilience bill.