FIRST SHPK
Budget
€500 — €0
EP Access
0
accredited persons
Staff
4
4 FTE
EU Grants
None
Mission & Goals
- Provide Maximum Information Security Protection
- Specialize Solely in Cybersecurity
- Deliver Regional and Global Services
- Offer Comprehensive Cybersecurity Services
- Tailor Services to Client Needs
- Build Trust-Based Client Relationships
- Employ Certified Experts Across Disciplines
- Promote Security Awareness and Education
- Enhance Organizational Compliance and Risk Management
- Act as a Full-Service Security Partner
EU Legislative Interests
General Data Protection Regulation (GDPR)
First helps clients meet data privacy and data protection requirements through:
- Risk and asset management
- Compliance audits
- Security governance consulting
- Incident response and data breach management

Directive on Security of Network and Information Systems (NIS2 Directive)
As a provider of security operations, SOC services, and incident management, First supports organizations in:
- Strengthening cybersecurity resilience
- Implementing continuous monitoring and early alert systems
- Meeting mandatory reporting obligations for security incidents

Digital Operational Resilience Act (DORA)
First contributes to ICT risk management for financial institutions via:
- Penetration testing and vulnerability management
- Security assessments of third-party ICT services
- Business continuity and forensic capabilities

eIDAS Regulation (Electronic Identification and Trust Services)
Relevant through First's consultancy services that may support secure identity, trust frameworks, and secure communication systems in regulated sectors.

ISO/IEC 27001 and Related Standards
While not legislation, compliance with international standards like ISO 27001 is heavily referenced in EU policy frameworks, and First actively supports certification preparation and implementation.

Payment Card Industry Data Security Standard (PCI DSS)
Often required in the EU financial and e-commerce sectors, this is part of First's compliance service offering.
Communication Activities
Communication Activities Related to EU Policies

🎓 Educational Events and Training Campaigns
Security Seminars & Tailored Courses
Regularly held for different organizational levels:
- Board Members – one-to-one OSINT-based security awareness (relevant for GDPR and NIS2 accountability).
- Customer-facing Employees – awareness training to reduce social engineering threats (important for GDPR compliance).
- Fraud Management Teams – OSINT for fraud detection and prevention.
- IT & Security Professionals – advanced cybersecurity training, including EU regulatory compliance topics like ISO 27001 and GDPR.

📚 Security Awareness Publications and Strategic Consulting
Custom Security Intelligence Reports (Monthly)
Includes threat trends, risk assessments, and mitigation recommendations aligned with policy compliance (e.g. DORA, NIS2).
Compliance Audits and Guidance Materials
Consulting services produce internal documents, policies, and audit reports aligned with:
- GDPR
- ISO 27001
- PCI DSS

Workshops & Strategic Planning Sessions
Governance, Risk & Compliance Services
Offer structured communication on how to align internal procedures with EU policies through:
- Risk Management Workshops
- Security Process Development
- Policy and Controls Implementation
Interests Represented
Promotes their own interests or the collective interests of their members
Member Of
https://ec.europa.eu/info/funding-tenders/opportunities/portal/screen/home
Commissioner Meetings
No recorded meetings with EU commissioners.