Cybersecurity Policies and Practices in the EU – for non-IT Experts

  • Organizer: EIPA
  • 1025
  • 25 February 2025
  • Online

This training focuses on the policy aspects of cybersecurity, covering cybersecurity standards in the EU, how to adopt them and put them into practice.

Over the past decades, the internet and information and communication technologies (ICTs) have had a profound impact on our daily lives, becoming an integral part of our institutional and social fabric. The supply of critical services across many sectors, including emergency and security services, health, water and food, energy and electricity, banking and finance, commerce, transportation, communications and education is now heavily reliant on ICTs. Our reliance on the internet and digital technologies makes us more vulnerable to new threats, including cybersecurity attacks. These threats put the provision of critical services, as well as the EU’s economies, at risk and ultimately compromise the security and fundamental rights of EU citizens.

Breaches of information security are a major threat to the functioning of our society, jeopardising public services, businesses and the economy. Under the EU regulatory framework (e.g. GDPR, NIS2, Cyber Resilience Act, DORA) our cybersecurity risks need to be evaluated. Security controls need to be implemented in the information systems of our infrastructures where all procedures, personal data, people and objects are stored and exchanged in a secure manner. To plan and implement efficient security policies and to comply with the EU regulations, public authorities, organisations and professionals need to raise their cybersecurity awareness and fully develop the necessary skills. Professionals need to be aware of the various cybersecurity standards (e.g. ISO 27001, ISO 27005, ISO 28000, ISO 15408) and procedures that can help them to become compliant with the EU regulations and protect their daily work, organisation and sector.

This unique programme brings together the experience of cybersecurity, security, EU policy and public administration experts to provide a practical understanding of the challenges related to designing and implementing cyber-proof policies within organisations and sectors.

This training covers the current challenges related to the non-technical aspects of cybersecurity and offers guidelines that make Data Officers aware of their responsibilities and of the measures they can implement. The interplay between cybersecurity and AI will also be part of the discussion and the learning process.

The training is designed specifically for non-IT professionals, with the objective of providing participants with the knowledge and skill set necessary to deal confidently with cybersecurity measures within their sectors and organisations.

What you will learn

In this course you will learn about:

  • cybersecurity: fundamental concepts and knowledge;
  • legal and policy aspects of cybersecurity in the EU: EU directives, guidelines, regulations, initiatives;
  • assessing cybersecurity risks: identifying threats, vulnerabilities and impact, in various critical sectors including emergency, health, water and food, energy and electricity, banking and finance, commerce, transportation, communications and education;
  • cybersecurity management and governance: bodies involved, processes and policies to manage cyber risks;
  • crisis communication, business continuity and disaster recovery planning;
  • prevention: the components of comprehensive cybersecurity policies;
  • formulating policies to strengthen cybersecurity resilience: how do I design policy measures to make my sector or organisation cyber resilient?

Course methodology

In this online training, we adopt a comprehensive approach combining an in-depth overview of the legislative and policy considerations to be taken into account when formulating cyber-resilient measures, and practical training.

Module 1 focuses on the regulatory cybersecurity framework and ecosystem. It covers the legal and policy dimension of cybersecurity in Europe, providing you with an in-depth overview of the fundamental concepts in cybersecurity so that you can understand the relevant EU directives, guidelines and regulations and how to implement them within a cybersecurity framework.

Module 2 will offer you practical training on how to design and implement cybersecurity policies and practices to protect your daily work, organisation and sector.

We will provide practical guidelines and use case studies, good practices, and hands-on simulation exercises to allow you to understand, design, adopt and implement good cybersecurity measures in your work, organisation and sector.

After this training, you will be able to use all the materials and case studies for your work.

If you are eager to start already, register for our free digital course Cybersecurity Toolkit: How to create cybersecurity policies and procedures for your organisation.