New frameworks and updates to help European companies achieve compliance faster
To build customer trust, companies doing business in Europe must establish and maintain compliance with cybersecurity frameworks. However, changing regulations and new frameworks make managing compliance even more complex and burdensome for overworked security teams. To stay ahead and compete on a global stage, European companies need the right technology, local expertise, and trusted partnerships. That’s where Vanta comes in.
Today we’re excited to announce support for emerging regulations, including the EU AI Act, DORA, and NIS 2, product enhancements, and our new office in London. With Vanta, you can stay up to date with the latest regulations, achieve compliance faster and more efficiently, and free up time to focus on innovation and growth.
Scale compliance across local regulations and international standards
Vanta helps you understand controls and policy requirements as they evolve so you can satisfy European regulations such as the EU AI Act, DORA, and NIS 2 as well as international standards like SOC 2 and ISO 27001—with one platform.
Vanta now supports the EU AI Act
The rapid adoption of AI technologies presents both opportunities and risks for organisations. According to Vanta’s latest State of Trust Report, nearly half (49%) of UK companies are concerned about the risks AI poses to their security.
Launching today, Vanta’s support for the EU AI Act includes all AI-specific controls, policies, tests, and documents mandated by the act, helping you meet emerging regulations and avoid significant penalties. Vanta categorises AI systems as “high-risk” or “low-risk” based on regulatory criteria and automates collection of the evidence needed to prove compliance, enabling continuous compliance monitoring while also automating AI risk assessments. Our new offering also ensures that you have the necessary documentation for external auditors—making compliance with the EU AI Act seamless.
Added support for DORA and NIS 2
In addition to the EU AI Act, we’re excited to expand our offerings to support DORA and NIS 2.
DORA, which takes effect in January 2025, requires financial institutions to strengthen their digital operational resilience, ensuring that they can withstand, respond to and recover from information and communication technology (ICT) disruptions. With Vanta’s support for the DORA framework, financial services firms in Europe can automate compliance efforts to ensure operational resilience by the January deadline.
Our newly added support for the NIS 2 directive is designed to help organisations across sectors like energy, banking and manufacturing to improve their resilience and response to cyber threats. The NIS 2 directive raises standards for risk management, incident reporting and control verification. Vanta’s support for this framework provides a cross-regional control set that allows you to meet NIS 2 compliance regardless of where you’re based, helping you prepare ahead of local NIS 2 law being released.
Additional European frameworks and free penetration testing
According to Vanta’s State of Trust Report 2024, organisations in the UK spend an average of 12 weeks a year on compliance tasks. This is not only time-consuming but costly, making automation even more critical. Previously announced, Vanta also supports ISO 42001 to help organisations responsibly develop and use AI. By satisfying ISO 42001, organisations are better positioned to meet and exceed EU AI Act requirements.
Vanta also enables compliance with the UK Cyber Essentials framework, a widely adopted cybersecurity framework critical for any company seeking to improve their overall security posture or bid on UK government contracts.
Vanta’s cross-mapping of controls across frameworks enables you to leverage already completed work to achieve compliance with these and other frameworks faster.
To further streamline your compliance process, Vanta now also provides free penetration testing for customers in UKI and Europe through Cognisys. These tests include external scans and black-box assessments that are integrated directly into the Vanta platform.
“Instead of hiring two full-time consultants and spending a year on the process, we achieved compliance in just seven months, saving time and costs.” – Magnus Sparf, CISO, Sitoo
Policy Builder and compliance roadmap guide for ISO 27001
For customers seeking ISO 27001 certification for the first time, we’ve also rolled out additional capabilities that provide guidance and enable you to move faster and with more confidence.
Policy Builder for ISO 27001
With Vanta, you don’t need to be a compliance or legal expert to draft policies. Policy Builder gives you everything you need (including policy templates) and guides you through the process. Work on one policy section at a time and see a live preview on the right-hand side that updates as you go.
Compliance roadmap guide for ISO 27001
Vanta helps you get compliant quickly and efficiently with a personalised compliance roadmap that guides you through each key milestone and keeps you on track toward achieving ISO 27001 certification. After answering a few questions about your ideal timeline and tech stack, Vanta will create a milestone-driven guide that breaks the entire process down into four key phases to ensure you’re staying on track. You’ll be guided to complete specific steps within each phase and can access additional guidance when you need it.
Accelerating European momentum with our new London office
Since establishing our European headquarters in Dublin and data centre in Frankfurt, we’ve continued to scale our investments in the region to better serve local customers. This includes the recent opening of our new office in London.
In the year ahead, we’ll continue to expand our support in London and Dublin to ensure that local customers have the technology and expert guidance they need to build, scale, and demonstrate trust with Vanta.
“We really felt supported by Vanta, not just on our certification process, but also on what is the best way to approach information security.” – Thomas Pelletier, VP of Engineering, Silvr
Get started with Vanta today
We’re committed to helping customers in Europe streamline and scale compliance and move from point-in-time checks to a continuous, proactive approach to establishing and demonstrating trust. Support for the EU AI Act, DORA, and NIS 2 is now available in Vanta. Book a demo today to learn more.
Written by Brian Retson