Introduction
to the NIS2 directive

Understand the scope and objectives of the NIS2 directive and explore its implications for managers. Compliance is no longer solely an IT concern; it's also your responsibility.

Which organisations are affected?
Understanding NIS2 reach

Discover which organistions fall under the NIS2 directive by exploring key terms and classifications, so you can clearly understand the directive's impact and what you’re up against.

What measures should you take?
Part 1 (Art. 21)

Understand the fundamental cybersecurity measures required by NIS2 and how to implement them. This module covers risk analysis, incident handling, business continuity, and supply chain security.

What measures should you take?
Part 2 (Art. 21)

Explore advanced cybersecurity measures such as secure system development, effectiveness assessments, cyber hygiene practices and cybersecurity training, cryptography and encryption.

What measures should you take?
Part 3 (Art. 21)

Complete your cybersecurity strategy with HR management, access control, asset tracking, authentication, secure communications and emergency communication systems.

How to report?
Your obligations explained (Art. 23)

This module focuses on how reporting cyber incidents and sharing information can help organisations and sectors collaborate to minimise the impact of cyber threats across the EU.

Governance, roles and responsibilities (Art. 31 to 37)

Learn how NIS2 holds top management accountable for cybersecurity. This module outlines the roles of the board of directors, executive management, CISO, and ISM in establishing and maintaining a robust cybersecurity framework.

Supervision, enforcement and penalties

Understand the severe repercussions of non-compliance with NIS2. This final module explains the responsibilities of national authorities and the financial and operational penalties organisations may face for failing to meet NIS2 standards.

Stakeholder management

Implementing NIS2 starts with securing buy-in from key stakeholders. Discover strategies and tools to help you identify, engage, and gain support from crucial individuals throughout your compliance journey.

Asset inventory and
risk analysis

Understand which assets need protection by identifying and assessing critical organisational resources. Learn how to address vulnerabilities and manage potential threats.

Security policy development

Explore the different types of security policies, identify those relevant to your organisation, and learn how to create them to build a strong security foundation.

Strengthening the supply chain

Conduct risk assessments and apply best practices to manage relationships with vendors and third parties, ensuring your supply chain is secure.

Incident management

Build robust incident management processes. Learn how to create an effective response plan and ensure your technical environment is ready to handle real-world incidents.

Cyber security training

Discover how to design training programmes that equip your staff with the skills and knowledge needed to identify, prevent, and respond to cyber threats.

Core security controls

Gain a clear understanding of the essential security controls required for NIS2 compliance, including access control, secure network services, and business continuity planning.

Evaluating and enhancing
security effectiveness

Understand the scope and objectives of the NIS2 directive and explore its implications for managers. Compliance is no longer solely an IT concern; it's also your responsibility.

What is GDPR? When and where does it apply?

Understand the basics of GDPR, its importance, and its impact on data subjects.

The 6 principles
of GDPR

Understand the core principles of GDPR that guide data processing.

The rights of data subjects

Learn about the rights individuals have under the GDPR and how to respect them.

Dealing with data subject requests

Understand the difference between data controllers and data processors and learn who’s responsible for answering questions from data subjects.

The role of a
Data Protection Officer

Learn what a Data Protection Officer does and whether your organisation is obliged to hire one.

What to do in case of
a data breach?

This module focuses on how reporting cyber incidents and sharing information can help organisations and sectors collaborate to minimise the impact of cyber threats across the EU.

International
data transfers

Learn the rules for transferring personal data outside the EU.

What is GDPR? When and
where does it apply?

Understand the basics of GDPR, its importance, and its impact on your privacy.

The 6 Principles of GDPR

Understand the core principles behind the GDPR.

The Rights of Data Subjects

Learn about your rights under the GDPR

Exercising your Rights

Understand the difference between data controllers and data processors and learn who’s responsible for answering your information requests.

Learn the phishing basics

Refresh your knowledge of phishing and why it’s a threat. This module covers the common tactics used by cybercriminals and provides essential knowledge to help you identify potential phishing attempts.

Spot the phishing messages

Dive deeper into identifying phishing attempts by analysing real-world examples. Learn to recognise red flags in emails, text messages, and other forms of communication to protect yourself from falling victim to these scams.

Take the phishing quiz

Test your knowledge and sharpen your skills. Practice spotting phishing attempts in simulated scenarios and reinforce what you’ve learned in the previous modules.

Introduction to Personally Identifiable Information (PII)

Get to know the rules and regulations that define how your company should handle personal data.

Fair Information Practices
(FIPs)

Understand the eight principles of FIPs and how to apply them in real-world situations.

Understanding Privacy Impact Assessments (PIAs)

In this session, you’ll learn what PIAs are, when they’re needed, and how conducting one can help your organisation remain compliant and build trust.

The California Consumer Privacy Act (CCPA)

Explore the CCPA and why it concerns you, even if you’re not in California.

Balancing KYC protocols and PII privacy

Businesses need to verify customer identities, but how can you do this while respecting their privacy rights? Discover how to comply with KYC rules while ensuring responsible data handling.

The essentials of the Health Insurance Portability and Accountability Act (HIPAA)

Discover what it is, who must follow it, and how to apply three pillars to protect patient data.

Protected Health Information
(PHI)

PHI is the primary focus of HIPAA protection, and this session will help you define it, understand its importance, recognise the risks of mishandling it, and apply best practices.

Physical & digital security measures

You’ll learn how to implement physical security measures and how to apply digital security best practices to prevent breaches and protect sensitive information.