NIST
NIST Essentials

Understanding the NIST Framework
You’ll learn the basics of the US NIST Cyber Security framework: how to link it to real risks, set priorities that fit your context, and define concrete actions and responsibilities. You'll walk away with structure, direction, and the confidence to get started.

Is NIST relevant for you?
It probably is!
Aligning with the NIST Framework is only mandatory for US government agencies, but it’s quickly becoming the norm. Discover how NIST helps your organization reduce risk, meet customer and partner expectations, and build trust across your supply chain.

What measures should you take? Part 1
You’ll explore four cyber risk areas in detail: risk assessment, incident response, resilience, and supply chain security. You’ll learn what each area involves, what’s expected from your team, and how to take practical steps that make a difference.

What measures should you take? Part 2
Discover how to embed cyber security in your procurement and development processes, especially around software. This session also explores the role of employee training and how to create a culture where good cyber hygiene becomes second nature.

What measures should you take? Part 3
The more connected your systems, the more important it becomes to know who has access—and to what. This session introduces key access and identity management principles: controlling access rights, verifying user identities, and keeping track of your most critical assets.

How to analyze incidents and communicate clearly
Reacting quickly to an incident is essential—but reacting in the right way is just as important. You’ll learn how to investigate incidents thoroughly, communicate with internal and external stakeholders, and use clear documentation to contain damage and support long-term resilience.

Governance, roles & responsibilities
Cyber security needs clear leadership. In this session, we focus on the people side of the framework: how to define roles and ensure that security decisions are supported at the right level. Strong governance is what turns strategy into action.

Oversight, showing compliance & business impact
What does 'being in control' actually look like? This final session covers what it takes to demonstrate compliance—through internal audits, documentation, and board-level oversight. You’ll learn how to link cyber security efforts to business impact and show that your organization is not just secure, but accountable too.
NIST Implementation (coming soon)
From understanding to applying the framework
This level is designed for those responsible for putting the NIST Framework into practice. You’ll learn how to assess your current posture, define a target profile, and translate the framework into concrete steps tailored to your organisation’s size, sector and risk profile. We’ll also introduce the concept of Implementation Tiers—helping you decide how structured your approach should be, and how to align it with business needs. By the end, you’ll understand how to prioritise next steps, communicate progress with stakeholders, and shape a NIST-based approach that’s realistic, scalable and built to last.
Bronze

Deepfakes & AI images
Explore the world of deepfakes and AI-generated images and their impacts.
✔ NIST ✔ ISO27001

You and your colleagues as the Human Firewall
Discover how you and your colleagues can act as a strong Human Firewall.
✔ NIST ✔ ISO27001 ✔ SOC2
Silver

Financial fraud 101: Safeguard your bank accounts
Understand the common types of wire fraud and what you can best do to protect yourself from these scams.
✔ GDPR ✔ NIST ✔ ISO27001

Hybrid work-arounds: Securing your home office
Discover the perils of remote work and learn how to establish workflows that keep you as cyber secure at home as in the office.
✔ NIST ✔ ISO27001

Mobile security: Safeguarding your physical devices
Explore the essentials of mobile device configuration and safeguard both personal and corporate safety with a mobile device policy.
✔ SOC2 ✔ NIST ✔ ISO27001

App safety 101: Making informed choices
Master the art of secure app selection in this session. Learn 7 essential steps, from consulting IT to app testing, to ensure you're making safe choices.
✔ NIST ✔ ISO27001

How to handle cyber security incidents: Part 1
Learn how to handle 5 cyber incidents based on previous sessions: ID fraud, oversharing, online ordering, bank fraud and parcel management.
✔ GDPR ✔ NIST ✔ ISO27001
Gold

Keep recruitment secure: HR cyber security essentials
Gain a behind-the-scenes understanding of why cyber security matters to everyone, not just HR professionals.
✔ SOC2 ✔ ISO27001 ✔ NIST

Securing the Supply Chain: basics
Understand the basics of supply chain security, focusing on risk assessment and initial protective measures.
✔ NIST ✔ ISO27001

Secure onboarding: welcoming new employees safely
Explore best practices for onboarding new employees, ensuring they adhere to your company’s cyber security policies from day one.
✔ NIST ✔ ISO27001

Secure offboarding: protecting your assets
Understand the importance of a secure offboarding process, including revoking access and protecting sensitive information when employees leave.
✔ NIST

Securing the Supply Chain: advanced
Build on the foundational measures with advanced strategies to secure your supply chain against cyber threats.
✔ NIST ✔ ISO27001

Mastering Encryption Techniques: robust communication
Understand the fundamentals of encryption, cryptography and blockchain to secure your communication within your organisation.
✔ SOC2 ✔ NIST ✔ ISO27001 ✔ GDPR
Platinum

Data management and protection: the next level
Master the essentials of safe data disposal, retention, classification, back-up management, and cloud storage.
✔ SOC2 ✔ GDPR ✔ NIST ✔ ISO27001

Secure connectivity techniques: explore advanced methods
Learn how to secure network connections, including best practices for Wi-Fi security, Virtual Private Networks (VPNs), and zero trust security models.
✔ NIST ✔ ISO27001

Hybrid working: cybersecurity best practices
Learn how to maintain a cyber proof hybrid work environment, protecting both in-office and remote employees.
✔ NIST ✔ ISO27001

Cybersecure collaboration: working in team
Learn how to build a team risk inventory and how to mitigate those risks with best practices for your team’s security.
✔ NIST ✔ ISO27001
ISO27001
Bronze

Why this Cyber Resilience training?
Explore why Cyber Resilience is crucial for personal and professional security.
✔ ISO27001

Security risks at home and at work
Identify security risks present both in your home and workplace environments.
✔ HIPAA ✔ ISO27001

Deepfakes & AI images
Explore the world of deepfakes and AI-generated images and their impacts.
✔ NIST ✔ ISO27001

How to create secure and strong passwords
Guidance on creating passwords that are both secure and memorable.
✔ ISO27001 ✔ ISO27701
Silver

Financial fraud 101: Safeguard your bank accounts
Understand the common types of wire fraud and what you can best do to protect yourself from these scams.
✔ GDPR ✔ NIST ✔ ISO27001

Hacker-proof parcel management: Do's & don'ts
Find out how to send and receive parcels safely, considering the sensitive information on labels and possible manipulation.
✔ SOC2 ✔ ISO27001

Confidential data: Store, classify and send securely
Gain a solid foundation in classifying, labeling, storing, sharing and securely disposing of confidential data.
✔ SOC2 ✔ ISO27001 ✔ ISO27701

Physical access control: Cybersecure approach
Dive into the essentials of access control policies and grasp their crucial role in ensuring only authorised access.
✔ SOC2 ✔ GDPR ✔ ISO27001 ✔ ISO27701

Hybrid work-arounds: Securing your home office
Discover the perils of remote work and learn how to establish workflows that keep you as cyber secure at home as in the office.
✔ NIST ✔ ISO27001

Protect your physical assets: Keep resources secure
Learn how to keep your physical assets safe by understanding the link with digital assets, taking ownership and reporting incidents correctly.
✔ SOC2 ✔ GDPR ✔ ISO27001

Mobile security: Safeguarding your physical devices
Explore the essentials of mobile device configuration and safeguard both personal and corporate safety with a mobile device policy.
✔ SOC2 ✔ NIST ✔ ISO27001

App safety 101: Making informed choices
Master the art of secure app selection in this session. Learn 7 essential steps, from consulting IT to app testing, to ensure you're making safe choices.
✔ NIST ✔ ISO27001

Identifying, reporting and handling cyber events
This session teaches you the difference between a cyber security event and a cyber security incident and explains how to react to cyber events.
✔ SOC2 ✔ GDPR ✔ ISO27001

Identifying, reporting and handling cyber incidents
Explore the essentials of handling cyber security incidents in this session, focusing on recognition, reporting, and the importance of timely responses.
✔ GDPR ✔ ISO27001

How to handle cyber security incidents: Part 1
Learn how to handle 5 cyber incidents based on previous sessions: ID fraud, oversharing, online ordering, bank fraud and parcel management.
✔ GDPR ✔ NIST ✔ ISO27001

How to handle cyber security incidents: Part 2
Dive into practical strategies for handling key cyber incidents: access control, asset management, mobile devices, apps, and hybrid working.
✔ GDPR ✔ ISO27001
Gold

Keep recruitment secure: HR cyber security essentials
Gain a behind-the-scenes understanding of why cyber security matters to everyone, not just HR professionals.
✔ SOC2 ✔ ISO27001 ✔ NIST

Securing the Supply Chain: basics
Understand the basics of supply chain security, focusing on risk assessment and initial protective measures.
✔ NIST ✔ ISO27001

Secure onboarding: welcoming new employees safely
Explore best practices for onboarding new employees, ensuring they adhere to your company’s cyber security policies from day one.
✔ NIST ✔ ISO27001

Securing the Supply Chain: advanced
Build on the foundational measures with advanced strategies to secure your supply chain against cyber threats.
✔ NIST ✔ ISO27001
Platinum

Data management and protection: the next level
Master the essentials of safe data disposal, retention, classification, back-up management, and cloud storage.
✔ SOC2 ✔ GDPR ✔ NIST ✔ ISO27001

Secure connectivity techniques: explore advanced methods
Learn how to secure network connections, including best practices for Wi-Fi security, Virtual Private Networks (VPNs), and zero trust security models.
✔ NIST ✔ ISO27001

Hybrid working: cybersecurity best practices
Learn how to maintain a cyber proof hybrid work environment, protecting both in-office and remote employees.
✔ NIST ✔ ISO27001

Cybersecure collaboration: working in team
Learn how to build a team risk inventory and how to mitigate those risks with best practices for your team’s security.
✔ NIST ✔ ISO27001
ISO27701
Bronze

What about your online privacy?
Learn strategies to protect your online privacy from potential threats.
✔ GDPR ✔ ISO27701 ✔ SOC2

How to create secure and strong passwords
Guidance on creating passwords that are both secure and memorable.
✔ ISO27001 ✔ ISO27701
Silver

Prevent identity fraud: Don't be a target
Discover the dangers of identity fraud and learn how to protect your personal information from misuse.
✔ SOC2 ✔ GDPR ✔ ISO27701

Oversharing risks: From loose lips to loose clicks
In this session, you will learn that the internet forgets nothing and how you can safely manage your digital footprint.
✔ SOC2 ✔ GDPR ✔ ISO27701

Online ordering risks: How to stay safe
Find out how to assess the security of websites and choose wisely what personal data you share while ordering online.
✔ SOC2 ✔ GDPR ✔ ISO27001 ✔ ISO27701

Confidential data: Store, classify and send securely
Gain a solid foundation in classifying, labeling, storing, sharing and securely disposing of confidential data.
✔ SOC2 ✔ ISO27001 ✔ ISO27701

Physical access control: Cybersecure approach
Dive into the essentials of access control policies and grasp their crucial role in ensuring only authorised access.
✔ SOC2 ✔ GDPR ✔ ISO27001 ✔ ISO27701
Gold

HR confidential: protecting sensitive data
Understand the importance of managing application data securely and the skills needed to protect sensitive information.
✔ SOC2 ✔ GDPR ✔ ISO27701
SOC2
Bronze

What about your online privacy?
Learn strategies to protect your online privacy from potential threats.
✔ GDPR ✔ ISO27701 ✔ SOC2

You and your colleagues as the Human Firewall
Discover how you and your colleagues can act as a strong Human Firewall.
✔ NIST ✔ ISO27001 ✔ SOC2
Silver

Prevent identity fraud: Don't be a target
Discover the dangers of identity fraud and learn how to protect your personal information from misuse.
✔ SOC2 ✔ GDPR ✔ ISO27701

Oversharing risks: From loose lips to loose clicks
In this session, you will learn that the internet forgets nothing and how you can safely manage your digital footprint.
✔ SOC2 ✔ GDPR ✔ ISO27701

Online ordering risks: How to stay safe
Find out how to assess the security of websites and choose wisely what personal data you share while ordering online.
✔ SOC2 ✔ GDPR ✔ ISO27001 ✔ ISO27701

Hacker-proof parcel management: Do's & don'ts
Find out how to send and receive parcels safely, considering the sensitive information on labels and possible manipulation.
✔ SOC2 ✔ ISO27001

Confidential data: Store, classify and send securely
Gain a solid foundation in classifying, labeling, storing, sharing and securely disposing of confidential data.
✔ SOC2 ✔ ISO27001 ✔ ISO27701

Physical access control: Cybersecure approach
Dive into the essentials of access control policies and grasp their crucial role in ensuring only authorised access.
✔ SOC2 ✔ GDPR ✔ ISO27001 ✔ ISO27701

Protect your physical assets: Keep resources secure
Learn how to keep your physical assets safe by understanding the link with digital assets, taking ownership and reporting incidents correctly.
✔ SOC2 ✔ GDPR ✔ ISO27001

Mobile security: Safeguarding your physical devices
Explore the essentials of mobile device configuration and safeguard both personal and corporate safety with a mobile device policy.
✔ SOC2 ✔ NIST ✔ ISO27001

Identifying, reporting and handling cyber events
This session teaches you the difference between a cyber security event and a cyber security incident and explains how to react to cyber events.
✔ SOC2 ✔ GDPR ✔ ISO27001
Gold

Keep recruitment secure: HR cyber security essentials
Gain a behind-the-scenes understanding of why cyber security matters to everyone, not just HR professionals.
✔ SOC2 ✔ ISO27001 ✔ NIST

HR confidential: protecting sensitive data
Understand the importance of managing application data securely and the skills needed to protect sensitive information.
✔ SOC2 ✔ GDPR ✔ ISO27701

Mastering Encryption Techniques: robust communication
Understand the fundamentals of encryption, cryptography and blockchain to secure your communication within your organisation.
✔ SOC2 ✔ NIST ✔ ISO27001 ✔ GDPR
Platinum

Authentication techniques: explore cutting-edge methods
Dive deep into advanced authentication strategies, including authentication keys, hardware hacking, behavioural biometrics, eIDAS 2.0 and MFA for top-notch security.
✔ SOC2 ✔ NIST ✔ ISO27001

Data management and protection: the next level
Master the essentials of safe data disposal, retention, classification, back-up management, and cloud storage.
✔ SOC2 ✔ GDPR ✔ NIST ✔ ISO27001
ICDL
Gold

Smartphone skills: improve your focus while boosting cyber safety
Master your smartphone use to sharpen your focus and productivity, as well as your cyber security defences.
✔ ICDL ✔ DigComp

Email, meeting, and calendar skills: supercharge your security
Implement smarter digital habits to sharpen focus, streamline your workflow, and boost your productivity.
✔ ICDL ✔ DigComp

Home cyber defence: securing your digital environment
Build a secure digital foundation at home to protect your family’s online activities.
✔ ICDL ✔ DigComp

Cyber talks for parents: engaging your children in online security
Learn how to discuss online safety with your children, ensuring they understand the critical importance of cyber safety and follow best practices.
✔ ICDL ✔ DigComp
Platinum

Keeping apps & devices safe: how to protect your family
List your family's devices and apps, then apply essential security steps to ensure online safety.
✔ ICDL ✔ DigComp

Advanced family protection: key measures to implement
Boost your family’s digital safety by enhancing privacy settings, regularly updating software, and creating backups.
✔ ICDL ✔ DigComp ✔ GDPR
DIGCOMP
Gold

Smartphone skills: improve your focus while boosting cyber safety
Master your smartphone use to sharpen your focus and productivity, as well as your cyber security defences.
✔ ICDL ✔ DigComp

Email, meeting, and calendar skills: supercharge your security
Implement smarter digital habits to sharpen focus, streamline your workflow, and boost your productivity.
✔ ICDL ✔ DigComp

Home cyber defence: securing your digital environment
Build a secure digital foundation at home to protect your family’s online activities.
✔ ICDL ✔ DigComp

Cyber talks for parents: engaging your children in online security
Learn how to discuss online safety with your children, ensuring they understand the critical importance of cyber safety and follow best practices.
✔ ICDL ✔ DigComp
Platinum

Keeping apps & devices safe: how to protect your family
List your family's devices and apps, then apply essential security steps to ensure online safety.
✔ ICDL ✔ DigComp

Advanced family protection: key measures to implement
Boost your family’s digital safety by enhancing privacy settings, regularly updating software, and creating backups.
✔ ICDL ✔ DigComp ✔ GDPR
PCI DSS
Platinum

Financial fraud: deep dive
Dive deep into the sophisticated methods cybercriminals use to commit financial fraud and learn advanced strategies to protect your online presence.
✔ PCI DSS ✔ NIST
HIPAA
HIPAA Compliance Awareness Training

Overview and core principles
Discover what HIPAA is, who must follow it, and how to apply three pillars to protect patient data.

Patient privacy & confidentiality
PHI is the primary focus of HIPAA protection, and this session will help you define it, understand its importance, recognize the risks of mishandling it, and apply best practices.

Physical & digital security measures
Learn how to implement physical security measures and apply digital security best practices to prevent breaches and protect sensitive information.

HIPAA violations & consequences
In this session, you’ll examine the reality of HIPAA violations—when PHI is accessed, disclosed, or mishandled contrary to HIPAA rules.
Bronze

Security risks at home and at work
Identify security risks present both in your home and workplace environments.
✔ HIPAA ✔ ISO27001

Deepfakes & AI images
Explore the world of deepfakes and AI-generated images and their impacts.
✔ NIST ✔ ISO27001 ✔ HIPAA

Do you recognize these Cyber Resilience terms?
Familiarize yourself with key Cyber Resilience terminology and concepts.
✔ NIST ✔ ISO27001 ✔ HIPAA

You and your colleagues as the Human Firewall
Discover how you and your colleagues can act as a strong Human Firewall.
✔ NIST ✔ SOC2 ✔ ISO27001 ✔ HIPAA
Silver

Prevent identity fraud: Don't be a target
Discover the dangers of identity fraud and learn how to protect your personal information from misuse.
✔ SOC2 ✔ ISO27701 ✔ HIPAA

Oversharing risks: From loose lips to loose clicks
In this session, you will learn that the internet forgets nothing and how you can safely manage your digital footprint.
✔ SOC2 ✔ ISO27701 ✔ HIPAA

Financial fraud 101: Safeguard your bank accounts
Understand the common types of wire fraud and what you can best do to protect yourself from these scams.
✔ NIST ✔ ISO27001 ✔ HIPAA

Online ordering risks: How to stay safe
Find out how to assess the security of websites and choose wisely what personal data you share while ordering online.
✔ NIST ✔ SOC2 ✔ ISO27001 ✔ ISO27701 ✔ HIPAA

Confidential data: Store, classify and send securely
Gain a solid foundation in classifying, labeling, storing, sharing and securely disposing of confidential data.
✔ NIST ✔ SOC2 ✔ ISO27001 ✔ ISO27701 ✔ HIPAA

Physical access control: Cybersecure approach
Dive into the essentials of access control policies and grasp their crucial role in ensuring only authorized access.
✔ NIST ✔ SOC2 ✔ ISO27001 ✔ ISO27701 ✔ HIPAA

Protect your physical assets: Keep resources secure
Learn how to keep your physical assets safe by understanding the link with digital assets, taking ownership and reporting incidents correctly.
✔ NIST ✔ SOC2 ✔ ISO27001 ✔ HIPAA

Mobile security: Safeguarding your physical devices
Explore the essentials of mobile device configuration and safeguard both personal and corporate safety with a mobile device policy.
✔ NIST ✔ SOC2 ✔ ISO27001 ✔ HIPAA

App safety 101: Making informed choices
Master the art of secure app selection in this session. Learn 7 essential steps, from consulting IT to app testing, to ensure you're making safe choices.
✔ NIST ✔ ISO27001 ✔ HIPAA

Identifying, reporting and handling cyber events
This session teaches you the difference between a cyber security event and a cyber security incident and explains how to react to cyber events.
✔ NIST ✔ SOC2 ✔ ISO27001 ✔ HIPAA

Identifying, reporting and handling cyber incidents
Explore the essentials of handling cyber security incidents in this session, focusing on recognition, reporting, and the importance of timely responses.
✔ NIST ✔ ISO27001 ✔ HIPAA

How to handle cyber security incidents: Part 1
Learn how to handle 5 cyber incidents based on previous sessions: ID fraud, oversharing, online ordering, bank fraud and parcel management.
✔ NIST ✔ ISO27001 ✔ HIPAA

How to handle cyber security incidents: Part 2
Dive into practical strategies for handling key cyber incidents: access control, asset management, mobile devices, apps, and hybrid working.
✔ NIST ✔ ISO27001 ✔ HIPAA
Gold

Keep recruitment secure: HR cyber security essentials
Gain a behind-the-scenes understanding of why cyber security matters to everyone, not just HR professionals.
✔ SOC2 ✔ ISO27001 ✔ HIPAA

HR confidential: protecting sensitive data
Understand the importance of managing application data securely and the skills needed to protect sensitive information.
✔ SOC2 ✔ ISO27701 ✔ HIPAA

Securing the Supply Chain: basics
Understand the basics of supply chain security, focusing on risk assessment and initial protective measures.
✔ NIST ✔ ISO27001 ✔ HIPAA

Secure onboarding: welcoming new employees safely
Explore best practices for onboarding new employees, ensuring they adhere to your company’s cyber security policies from day one.
✔ ISO27001 ✔ HIPAA

Secure offboarding: protecting your assets
Understand the importance of a secure offboarding process, including revoking access and protecting sensitive information when employees leave.
✔ NIST ✔ HIPAA

Securing the Supply Chain: advanced
Build on the foundational measures with advanced strategies to secure your supply chain against cyber threats.
✔ NIST ✔ ISO27001 ✔ SOC2 ✔ HIPAA

Mastering Encryption Techniques: robust communication
Understand the fundamentals of encryption, cryptography and blockchain to secure your communication within your organization.
✔ SOC2 ✔ NIST ✔ ISO27001 ✔ HIPAA
BDSG

What is the BDSG and when does it apply?
Learn how Germany’s BDSG complements the GDPR, when it applies, and to whom. Understand where European and German law intersect — and what that means in practice for your organisation.

The 6 fundamental principles and when do they apply?
The six principles of the GDPR also apply in Germany — but the BDSG makes them stricter in certain areas. With practical examples, you’ll learn exactly what Germany expects beyond the European standard.

Data protection rights under the BDSG
GDPR rights are familiar. The BDSG goes further, with additional rules for employees and public authorities. This module shows you where Germany raises the bar.

Organising data protection: from the DPO to data requests
The BDSG adds additional rules on appointing a Data Protection Officer, keeping records, and handling requests. Learn how to make compliance systematic rather than ad hoc.

Data protection in the workplace
Employee privacy is at the heart of the BDSG. After this module, you’ll know exactly what is allowed — and what isn’t — in everyday HR and workplace practice.
TISAX
TISAX (coming soon)

Winning trust in the automotive world
Learn what TISAX is, how it builds on ISO 27001, and why major automotive manufacturers require it. Discover how a label works — and how it creates new business opportunities.

Step by step towards a successful TISAX audit
Prepare step by step for audit readiness: define your scope, understand maturity levels, complete the VDA ISA, and choose the right provider. Save time and avoid costly mistakes.

The audit process explained
See what happens during a TISAX audit — from kick-off to evidence checks and final assessment. Understand what auditors look for and how to maximize your chances of success.
DORA
DORA (coming soon)

Strengthen your digital resilience under DORA
The Digital Operational Resilience Act (DORA) introduces binding cyber security requirements for financial entities and their ICT providers across the EU. It’s designed to ensure that critical players in the financial system can withstand, respond to and recover from digital disruptions. In this level, you’ll learn who DORA applies to, what’s expected under the regulation, and how to manage ICT risks more systematically. We’ll cover the key areas: risk management, continuous monitoring, incident response, testing, and third-party oversight.
PCI DSS
PCI DSS (coming soon)

Protecting payment data is everyone’s business
If your organization processes, stores or transmits payment card data, the Payment Card Industry Data Security Standard (PCI DSS) applies. The standard sets out clear rules to protect cardholder information and reduce the risk of fraud. In this level, you’ll learn when PCI DSS applies, what kind of data must be protected, and which technical and organizational controls are required. We’ll explore how to reduce risks, meet compliance expectations, and keep both customer data and your business secure.