[et_pb_section fb_built=”1″ admin_label=”Header” _builder_version=”4.21.0″ _module_preset=”default” background_image=”https:\/\/emdinfotech.com\/wp-content\/uploads\/2025\/05\/online-university-18.jpg” custom_padding=”8vw||0px||false|false” collapsed=”on” global_colors_info=”{}”][et_pb_row custom_padding_last_edited=”on|desktop” _builder_version=”4.22.1″ _module_preset=”default” background_color=”gcid-a9d8e14e-2f78-408a-a83c-506939196b52″ custom_padding=”60px|60px|60px|120px|true|false” custom_padding_tablet=”30px|30px|30px|60px|true|false” custom_padding_phone=”20px|20px|20px|40px|true|false” border_radii=”off|30px|30px||” global_colors_info=”{%22gcid-a9d8e14e-2f78-408a-a83c-506939196b52%22:%91%22background_color%22%93}”][et_pb_column type=”4_4″ _builder_version=”4.22.1″ _module_preset=”default” global_colors_info=”{}”][et_pb_text _builder_version=”4.27.4″ _module_preset=”d343c4fc-656d-4a09-a789-aaac73e94025″ header_font=”Roboto|300|||||||” header_text_color=”#FFFFFF” header_font_size=”55px” hover_enabled=”0″ global_colors_info=”{}” sticky_enabled=”0″]<\/p>\n
[\/et_pb_text][\/et_pb_column][\/et_pb_row][\/et_pb_section][et_pb_section fb_built=”1″ admin_label=”About” _builder_version=”4.19.1″ _module_preset=”default” collapsed=”on” global_colors_info=”{}”][et_pb_row _builder_version=”4.27.4″ _module_preset=”default” max_width=”1280px” max_width_tablet=”1280px” max_width_phone=”1280px” max_width_last_edited=”on|desktop” global_colors_info=”{}”][et_pb_column type=”4_4″ _builder_version=”4.19.1″ _module_preset=”default” global_colors_info=”{}”][et_pb_text _builder_version=”4.27.4″ _module_preset=”640e0153-b982-4bd5-b76d-dc78dcfc5a61″ hover_enabled=”0″ global_colors_info=”{}” sticky_enabled=”0″]<\/p>\n
[\/et_pb_text][et_pb_text _builder_version=”4.27.4″ _module_preset=”eac53637-81be-470b-aa2c-f0a69663910e” hover_enabled=”0″ global_colors_info=”{}” sticky_enabled=”0″]<\/p>\n
What every business needs to know in 2025 – Full guide by EMD Infotech<\/strong><\/p>\n In 2025, cybersecurity enters a new era with the implementation of the National Cybersecurity Requirements Framework (S3)<\/strong>, which is the key tool for the implementation of the European NIS2<\/strong> Directive (Directive 2022\/2555\/EU).S3 sets out specific obligations and measures for organisations that are considered “key” and “important entities” and operate in critical sectors of the Greek economy and society. <\/p>\n The new Greek legislation (Law 5160\/2024 and relevant ministerial decisions of May 2025) is directly binding and affects public, but mainly PRIVATE businesses operating in:<\/p>\n Telecommunications<\/p>\n<\/li>\n Energy<\/p>\n<\/li>\n Health<\/p>\n<\/li>\n Transport<\/p>\n<\/li>\n Information technologies<\/p>\n<\/li>\n Financial services<\/p>\n<\/li>\n Food<\/p>\n<\/li>\n Water management<\/p>\n<\/li>\n Critical industrial infrastructure<\/p>\n<\/li>\n Plenty of other sectors, including the hotel and tourism business<\/strong><\/p>\n<\/li>\n<\/ul>\n It is now required:<\/strong><\/p>\n Holistic risk management<\/strong>: Policies, procedures and measures based on international standards (ISO, NIST, etc.), with documentation of all actions.<\/p>\n<\/li>\n Explicit management responsibility<\/strong>: top management bodies (Board, CEO, etc.) are now personally responsible for implementation and accountability.<\/p>\n<\/li>\n Continuous risk assessment and management<\/strong>: regular review of threats, measures and incident response plans.<\/p>\n<\/li>\n Safety policies & procedures<\/strong>: Mandatory existence and regular updating of policies for access, account management, encryption, encryption, backups, physical and environmental security, vendor partnerships, software development, etc.<\/p>\n<\/li>\n Designation of a Safety Officer (SHO)<\/strong>: a mandatory role in every entity reporting directly to management.<\/p>\n<\/li>\n Independent checks and tests<\/strong>: Annual internal\/external audits and penetration testing.<\/p>\n<\/li>\n Continuous staff training<\/strong>: Awareness and technical training programmes for all staff.<\/p>\n<\/li>\n Incident management and notification<\/strong>: Recording, analysis and mandatory reporting of cybersecurity incidents to competent authorities.<\/p>\n<\/li>\n<\/ul>\n Very often hotel businesses handle critical customer data, online booking processes, payment systems, and smart hospitality technologies (smart rooms, self check-in, etc.). Compliance with S3 is legally mandatory<\/strong> and will now be audited on a regular basis. <\/p>\n Fines and legal sanctions<\/p>\n<\/li>\n Loss of partnerships\/contracts<\/p>\n<\/li>\n Damage to reputation<\/p>\n<\/li>\n Real operational risk (downtime, data loss)<\/p>\n<\/li>\n<\/ul>\n EMD Infotech<\/strong> provides a complete package of cybersecurity compliance and management services, which includes:<\/p>\n Initial Audit – gap analysis<\/strong>: investigation of the current situation and weaknesses of your business in relation to S3\/NIS2 requirements.<\/p>\n<\/li>\n Preparation and updating of security policies<\/strong>: We prepare tailor-made policies and procedures (for access, asset management, incidents, encryption, backups, supply chain, etc.).<\/p>\n<\/li>\n Technical implementation of measures<\/strong>: we install and configure endpoint protection systems, firewalls, MFA, data encryption, etc.<\/p>\n<\/li>\n Staff and management training<\/strong>: seminars and online workshops, tailored to the role of each team.<\/p>\n<\/li>\n Conduct penetration tests and vulnerability assessments<\/strong>: annual or ad hoc audits, with full reporting and suggestions for improvement.<\/p>\n<\/li>\n DPO\/CISO-as-a-Service<\/strong>: permanent or on-demand consultancy to maintain compliance.<\/p>\n<\/li>\n Incident management and reporting support<\/strong>: immediate response to incidents and guidance on mandatory incident notification.<\/p>\n<\/li>\n<\/ul>\n Contact EMD Infotech directly<\/strong> for a first update and free compliance assessment.<\/p>\n<\/li>\n Start with a complete inventory of your assets, systems and processes<\/strong>.<\/p>\n<\/li>\n Train and raise awareness among your staff<\/strong>.<\/p>\n<\/li>\nWhat is S3 and why is it relevant to every modern business?<\/h3>\n
\n
What changes with S3 and the new legislation?<\/h3>\n
\n
More specifically for Hotels & Tourism Businesses<\/h3>\n
Who is at risk if they do not comply?<\/h3>\n
\n
How can EMD Infotech<\/strong> help?<\/h3>\n
\n
The next steps for each business:<\/h3>\n
\n