Lead Auditor and Consultant
Iulian Bozdogina is a veteran cybersecurity strategist with over 15 years of experience in securing automotive supply chains and critical infrastructure. He specializes in TISAX®, ISO 27001, and the emerging NIS2/DORA regulatory landscape.
Why leading automotive, aerospace, and technology companies trust ITIS-Secure to take them from security gaps to full certification — fast. Learn our 7-step methodology for TISAX®, ISO 27001, and NIS2.
Preparing for a TISAX assessment in 2026 is not just about passing an audit. It is about proving to the world's leading OEMs that you are a resilient, reliable partner in an increasingly hostile cyber landscape.
A comprehensive implementation guide for SMEs facing the NIS2 Directive. Learn the 7 core steps to achieving a defensible compliance posture.
For mid-sized automotive tier suppliers and technology service providers, hiring a full-time Chief Information Security Officer (CISO) is often prohibitively expensive and unnecessary for day-to-da...
The transition period for the ISO/IEC 27001:2022 standard is rapidly closing. Organizations currently certified under the 2013 standard must upgrade their Information Security Management Systems (I...
In the enterprise security space, there is a dangerous misconception that running an automated vulnerability scanner constitutes a "penetration test."
The updated Network and Information Security Directive (NIS2) completely overhauls the cybersecurity landscape across the European Union. Unlike its predecessor, NIS2 aggressively expands the scope...
Despite millions of dollars invested in Next-Generation Firewalls (NGFW), Endpoint Detection and Response (EDR), and [Cloud Security Posture Management (CSPM) tools](/blog/cspm-finding-misconfigura...
For organizations navigating the complex landscape of information security compliance, deciding between ISO/IEC 27001 and TISAX® (Trusted Information Security Assessment Exchange) is a critical str...
For modern enterprises, the traditional "castle and moat" security model is obsolete. Remote workforces, SaaS sprawl, and multi-cloud environments (AWS, Azure, GCP) have permanently dissolved the c...
The financial sector is the primary target for advanced cybercrime syndicates and state-sponsored attacks. In response to the growing systemic risk posed by digital interconnectedness, the European...
For automotive suppliers, the mandate for cybersecurity has never been more complex. Today's connected vehicles contain upwards of 100 million lines of code, transforming them into mobile data cent...
The rapid migration to public cloud infrastructure (AWS, Azure, GCP) has fundamentally altered enterprise risk profiles. While cloud providers guarantee the security *of* the cloud, the customer re...
A cyberattack is no longer a question of "if," but "when." When a ransomware syndicate breaches your network or a critical supplier is compromised, executive leadership has minutes—not days—to make...
Securing an ISO/IEC 27001 certification is a rigorous process involving multiple layers of assessment. For many organizations, the terminology surrounding the audit lifecycle—Stage 1, Stage 2, inte...
Despite massive investments in Next-Generation Firewalls, Endpoint Detection, and overarching Zero-Trust Architectures, the most vulnerable layer in an...
You can outsource your payroll, your cloud hosting, and your customer service, but you cannot legally outsource your risk. Modern enterprises operate within deeply interconnected digital supply cha...