Introduction
to the NIS2 directive

Understand the scope and objectives of the NIS2 directive and explore its implications for managers. Compliance is no longer solely an IT concern; it's also your responsibility.

Which organizations are affected?
Understanding NIS2’s reach

Discover which organizations fall under the NIS2 directive by exploring key terms and classifications, so you can clearly understand the directive’s impact and what you’re up against.

What measures should you take?
Part 1 (Art. 21)

Understand the fundamental cybersecurity measures required by NIS2 and how to implement them. This module covers risk analysis, incident handling, business continuity, and supply chain security.

What measures should you take?
Part 2 (Art. 21)

Explore advanced cybersecurity measures such as secure system development, effectiveness assessments, cyber hygiene practices and cybersecurity training, cryptography, and encryption.

What measures should you take?
Part 3 (Art. 21)

Complete your cybersecurity strategy with HR management, access control, asset tracking, authentication, secure communications, and emergency communication systems.

How to report?
Your obligations explained (Art. 23)

This module focuses on how reporting cyber incidents and sharing information can help organizations and sectors collaborate to minimize the impact of cyber threats across the EU.

Governance, roles, and responsibilities (Art. 31 to 37)

Learn how NIS2 holds top management accountable for cybersecurity. This module outlines the roles of the board of directors, executive management, CISO, and ISM in establishing and maintaining a robust cybersecurity framework.

Supervision, enforcement, and penalties

Understand the serious repercussions of non-compliance with NIS2. This final module explains the responsibilities of national authorities and the financial and operational penalties organizations may face for failing to meet NIS2 standards.

Stakeholder management

Implementing NIS2 starts with securing buy-in from key stakeholders. Discover strategies and tools to help you identify, engage, and gain support from crucial individuals throughout your compliance journey.

Asset inventory and
risk analysis

Understand which assets need protection by identifying and assessing critical organizational resources. Learn how to address vulnerabilities and manage potential threats.

Security policy development

Explore the different types of security policies, identify those relevant to your organization, and learn how to create them to build a strong security foundation.

Strengthening the supply chain

Conduct risk assessments and apply best practices to manage relationships with vendors and third parties, ensuring your supply chain is secure.

Incident management

Build robust incident management processes. Learn how to create an effective response plan and ensure your technical environment is ready to handle real-world incidents.

Cybersecurity training

Discover how to design training programs that equip your staff with the skills and knowledge needed to identify, prevent, and respond to cyber threats.

Core security controls

Gain a clear understanding of the essential security controls required for NIS2 compliance, including access control, secure network services, and business continuity planning.

Evaluating and enhancing
security effectiveness

Understand the scope and objectives of the NIS2 directive and explore its implications for managers. Compliance is no longer solely an IT concern; it's also your responsibility.

What is GDPR? When and where does it apply?

Understand the basics of GDPR, its importance, and its impact on data subjects.

The 6 principles
of GDPR

Understand the core principles of GDPR that guide data processing.

The rights of data subjects

Learn about the rights individuals have under the GDPR and how to respect them.

Dealing with data subject requests

Understand the difference between data controllers and data processors and learn who’s responsible for answering questions from data subjects.

The role of a
Data Protection Officer

Learn what a Data Protection Officer does and whether your organization is required to appoint one.

What to do in case of
a data breach?

This module focuses on how reporting cyber incidents and sharing information can help organizations and sectors collaborate to minimize the impact of cyber threats across the EU.

International
data transfers

Learn the rules for transferring personal data outside the EU.

What is GDPR? When and
where does it apply?

Understand the basics of GDPR, its importance, and its impact on your privacy.

The 6 Principles of GDPR

Understand the core principles behind the GDPR.

The Rights of Data Subjects

Learn about your rights under the GDPR.

Exercising your Rights

Understand the difference between data controllers and data processors and learn who’s responsible for answering your information requests.

Learn the phishing basics

Refresh your knowledge of phishing and why it’s a threat. This module covers the common tactics used by cybercriminals and provides essential knowledge to help you identify potential phishing attempts.

Spot the phishing messages

Dive deeper into identifying phishing attempts by analyzing real-world examples. Learn to recognize red flags in emails, text messages, and other forms of communication to protect yourself from falling victim to these scams.

Take the phishing quiz

Test your knowledge and sharpen your skills. Practice spotting phishing attempts in simulated scenarios and reinforce what you’ve learned in the previous modules.

Introduction to Personally Identifiable Information (PII)

Get to know the rules and regulations that define how your company should handle personal data.

Fair Information Practices
(FIPs)

Understand the eight principles of FIPs and how to apply them in real-world situations.

Understanding Privacy Impact Assessments (PIAs)

In this session, you’ll learn what PIAs are, when they’re needed, and how conducting one can help your organization stay compliant and build trust.

The California Consumer Privacy Act (CCPA)

Explore the CCPA and why it concerns you, even if you’re not in California.

Balancing KYC protocols and PII privacy

Businesses need to verify customer identities, but how can you do this while respecting their privacy rights? Discover how to comply with KYC rules while ensuring responsible data handling.

Overview and core principles

Discover what it is, who must follow it, and how to apply three pillars to protect patient data.

Patient
privacy & confidentiality

PHI is the primary focus of HIPAA protection, and this session will help you define it, understand its importance, recognize the risks of mishandling it, and apply best practices.

Physical & digital security measures

Learn how to implement physical security measures and apply digital security best practices to prevent breaches and protect sensitive information.

HIPAA
violations & consequences

In this session, you’ll examine the reality of HIPAA violations—when PHI is accessed, disclosed, or mishandled contrary to HIPAA rules.