Training on the requirements of the NIS2 Directive
Training based on the practical aspects and obligations arising from the new NIS2 Directive.
About the training
A one-day training course during which participants will become familiar with the key aspects of the NIS2 Directive. The course participants will gain knowledge on how to meet cybersecurity requirements. Through lectures and practical workshop exercises, they will acquire skills related to the key elements of the NIS2 Directive, including its goals, principles, and requirements concerning the protection of critical infrastructure.
The detailed scope of the training is presented below.
The goal of the training
Training objectives:
- Increasing cybersecurity awareness: The training aims to raise participants’ awareness of cybersecurity threats and the need to protect systems and data from cyberattacks.
- Understanding the NIS2 Directive: Participants should understand the key elements of the NIS2 Directive, including its goals, principles, and requirements for the protection of critical infrastructure and essential services.
- Identification and management of cybersecurity risk: The training should help participants identify and assess cybersecurity risks, as well as develop and implement effective risk management strategies.
- Security measures for business continuity: The training should provide knowledge regarding the responsibilities of organizations in implementing appropriate measures that ensure business continuity in the event of cybersecurity incidents, minimizing potential damage, and restoring normal system operations.
- Regulatory compliance: The training should assist participants in understanding how to meet legal cybersecurity requirements, including those of the NIS2 Directive, and how to avoid potential legal sanctions.
Target audience of the training
The NIS2 Directive training is aimed at employees at all management levels within organizations that are subject to, or may be subject to, new cybersecurity regulations. The course is designed to equip participants with the skills to identify, analyze, and manage risks in accordance with the requirements of the directive. It is particularly recommended for members of legal, IT, and security departments, as well as for anyone looking to expand their knowledge in the field of cybersecurity.
Although the training is open to all interested parties, we particularly encourage participation from management and board members who are directly responsible for ensuring their organization complies with the NIS2 requirements. Upon completion, participants will receive a certificate confirming the acquisition of practical knowledge aligned with Article 20(2) of the NIS2 Directive, which is essential for maintaining high standards of security and compliance within the organization.
Language of the training
The training is conducted in Polish.
However, there is the possibility of organizing the training in English upon request.
Training methodology
Achievement of the appropriate training outcomes is possible through the selection of both the right topics and training methods tailored to the specific needs of participants and the issues addressed in the training. Below are the methods and techniques we employ:
LECTURE
We deliver knowledge to participants using dedicated teaching aids, such as multimedia presentations. This forms the theoretical foundation of the training, where we introduce the topic, explain key concepts, and describe roles, processes, procedures, etc.
PRACTICAL EXAMPLES
As practitioners, we base the training program on real-life events presented in the context of specific issues. We help participants independently reach conclusions or solutions. Our training is highly focused on practice and the development of participants’ skills.
DISCUSSION
Participants express their opinions and exchange experiences. A well-structured discussion topic, often presenting at least two opposing views, typically generates strong emotional engagement. Discussions help develop a common solution or prepare arguments on a particular issue.
BRAINSTORMING
In a short time, we generate many ideas and solutions for specific problems and situations. We engage participants, stimulating their thinking and creativity.
EXERCISES
Practical tasks related to the training subject, such as creating processes, conducting case studies, etc. These tasks effectively complement the lecture and practical examples.
TESTS
We verify the participant’s knowledge and skills level, identify any competency gaps, and plan the educational process accordingly to enhance their abilities. Depending on the nature of the training, this can be done using various tools, such as knowledge tests and practical exercises.
SIMULATIONS
Simulations provide an excellent representation of reality, where participants actively engage and experience the consequences of their actions.
SUMMARY
At the end of each topic, we summarize the material covered. This process is carried out by the trainer and allows participants to review the key points of the topic while providing an opportunity to assess their understanding.
Trainer
MONIKA SURMA
A graduate of National Security with a specialization in Crisis Management and Cybersecurity from Adam Mickiewicz University in Poznań. Lead Auditor for Information Security and Business Continuity Management Systems. Internal Auditor for Quality, Environmental, and Health & Safety Management Systems. Trainer in the areas of ISMS, risk management, cybersecurity, NIS2, and TISAX. She has carried out dozens of projects for both the public and private sectors, including conducting audits and implementing Critical Infrastructure Protection (CIP), ISO 27001, UKSC, NIS2, and TISAX standards.
Training program
Day 1
9.00-16.00
- Welcome and Introduction to the Training
- What is NIS2? Who does it apply to? – Purpose and Scope
- Overview of the NIS2 Directive: Definition, objectives, and scope.
- Reasons for its creation and its impact on cybersecurity at the organizational level.
- Key changes and obligations introduced by NIS2.
- A comparison of the current NIS Directive with the new NIS2 Directive and its reach.
- Break
- Who is affected by the new NIS2 Directive and by when must changes be implemented?
- Key vs. important entities under NIS2.
- Explanation of which organizations are subject to the NIS2 security requirements.
- NIS2 from an organizational perspective: What actions need to be taken?
- Obligations of key entities vs. important entities.
- Discussing the most important aspects and responsibilities within the organizational context.
- Cybersecurity risk management in the context of NIS2.
- Overview of the risk management process, risk management measures in cybersecurity, and incident management.
- Break
- Security Measures for Business Continuity under NIS2
- Obligations of entities to implement measures ensuring business continuity in the event of cybersecurity incidents, minimizing potential damage, and restoring normal system operations.
- Overview of incident reporting requirements and procedures.
- Impact of the NIS Directive on Other Legal Acts
- Discussion on the influence of NIS2 on other legal regulations.
- Proposed changes to the National Cybersecurity System Act from July 2023: Presentation of key amendments and corrections made in recent months, with practical advice on how to implement these upcoming changes.
Training price
Price per participant: 2,900 PLN (net)
Conditions of participation
The price for participation in the one-day training is 2,900 PLN (net) per participant. The fee includes training materials, certificate, coffee breaks, and lunch during the training. Accommodation is not included in the price.
Payment is due based on a correctly issued VAT invoice, to be paid within 14 days from the invoice date. Payment should be made to the bank account specified on the invoice.
Registration is confirmed via email to the address provided in the registration form.
The organizer reserves the right to cancel the training. In the case of cancellation by the organizer, participants will receive a full refund of the training fee. If a participant cancels in writing at least 10 business days before the training date, a 30% cancellation fee applies. Cancellations received less than 10 business days before the training will incur a 100% cancellation fee.
The price listed in the training schedule is the net price, which should be increased by the current VAT rate.
By registering, the individual/organization consents to the processing of personal data provided in the registration form by PBSG SA, based in Poznań, at ul. Szyperska 14, for the purpose of fulfilling the order and for promotional and marketing activities.
Certificates of participation will be sent to participants who meet the conditions, including achieving a minimum of 70% correct answers on the knowledge test and payment of the training fee.
To participate in the training, please complete the registration form.
By submitting the registration form, you accept the terms and conditions of participation and consent to the processing of personal data by PBSG SA for the purposes of order fulfillment and promotional and marketing activities related to PBSG SA’s business operations.
Organizational information
- Quality of training
Training conducted in accordance with the Training Service Quality Standards Handbook.
Registration for the In-Person Training
Fill out this form if you wish to participate in the in-person training. If you are interested in online participation, please sign up here: Online Training Registration Form.
Submitting the application means acceptance of the terms and conditions of participation.
Training program
Day 1
9.00-16.00
Training Program – NIS2 Directive Requirements
- Welcome and Introduction
- Overview of the training goals and objectives
- Brief introduction to the NIS2 Directive and its significance
- What is NIS2? Who does it apply to? – Purpose and Scope
- Explanation of the NIS2 Directive
- Target audience: Who is affected by the NIS2 directive?
- The scope and objectives of the directive
- The Origins of NIS2, its Impact, and its Influence on Organizational Cybersecurity
- The reasons behind the creation of NIS2
- The scope and objectives of the directive
- Impact on the cybersecurity posture of organizations
- Key changes and obligations introduced by NIS2
- Comparative analysis with the previous NIS Directive and its scope
- Break
- Who is Affected by NIS2 and the Deadline for Compliance?
- Key vs. important entities under NIS2
- Discussion on which organizations are subject to NIS2 security requirements
- NIS2 from an organizational perspective: What actions need to be taken?
- Obligations for key and important entities
- In-depth discussion on the main aspects and obligations organizations need to address
- Cybersecurity Risk Management in the Context of NIS2
- Managing risk in cybersecurity under NIS2 requirements
- Detailed explanation of the risk management process
- Risk management measures and incident management
- Break
- Business Continuity Security Measures in NIS2
- Obligations regarding continuity of operations in case of cybersecurity incidents
- Ensuring minimal damage and restoring normal system functionality
- Requirements for incident reporting and response procedures
- Implementation of continuity measures in the context of NIS2
- Impact of NIS Directive on Other Legal Acts
- How NIS2 affects and interacts with other legal regulations
- Key updates to the National Cybersecurity System Act (Ustawa o Krajowym Systemie Cyberbezpieczeństwa)
- Presentation of the key amendments and corrections made in the July 2023 update
- Practical guidance on implementing the upcoming legal changes in this area
Training price
Price per participant: 1,550 PLN (net)
Terms of participation
The training price covers the attendance of one participant at the one-day training.
The price includes training materials and a certificate.
Payment is due based on a correctly issued VAT invoice, to be paid within 14 days of the invoice date, to the bank account specified on the invoice.
Registration will be confirmed via email to the address provided in the registration form.
The organizer reserves the right to cancel the course. In case of cancellation, participants will receive a full refund of the fee paid for the course.
A fee of 30% of the training cost will apply if the participant cancels in writing at least 10 business days before the training start date.
A fee of 100% of the training cost will apply if the participant cancels in writing less than 10 business days before the training start date.
The price listed in the training schedule is net, and the VAT rate will be added as applicable.
By submitting a registration form, the participant or organization authorizes PBSG SA, located at Szyperska 14 in Poznań, to process personal data for the purpose of fulfilling the training order.
Certificates of participation will be sent to participants who meet the following conditions: a minimum of 70% correct answers on the knowledge test and full payment received.
To participate in the training, the participant must complete the registration form.
Organizational information
Participants in the online training will receive access to the training platform. On the day of the training, you will need to log in to the platform. The training will begin at the scheduled time. During the session, you will see the screen divided into three sections: the presentation, the trainer, and the chat. Communication during the training will take place via the chat feature.
Technical Requirements:
Hardware Requirements:
A computer with internet access, processor speed of at least 1.6 GHz, and a minimum of 4 GB RAM.
Browser:
The latest version of Google Chrome, Mozilla Firefox, or Safari.
Quality of Training:
The training will be conducted in compliance with the Training Standards Handbook.
Registration for online training
Fill out this form if you wish to participate in the online training. If you are interested in in-person participation, please sign up here: Offline Training Registration Form.
Submitting the application means acceptance of the terms and conditions of participation.
Dedicated Training Exclusively for Your Organization: this approach ensures comfort and flexibility, allowing you to thoroughly discuss specific issues and situations within your organization. We understand that each company is unique, which is why we tailor the examples presented to align with your organization’s specific needs and business context. By customizing the training content, we ensure that the acquired knowledge is effectively applied to your organization’s environment, making it more relevant and practical for your team.
Training program
Day 1
9.00-16.00
- Welcome and Introduction
- Introduction to the training topic.
- Goals and expectations for the session.
- What is NIS2? Who does it apply to?
- Objective and scope of the NIS2 Directive.
- Reasons for the creation of NIS2 and its impact on cybersecurity levels within organizations.
- Key changes and obligations introduced by NIS2.
- Comparison with the existing NIS Directive and its scope.
- Break
- Who is Affected by the NIS2 Directive and What are the Deadlines for Compliance?
- Key entities vs. important entities – who is affected by NIS2.
- Overview of organizations covered by NIS2 cybersecurity requirements.
- NIS2 from the perspective of an organization – actions that need to be taken.
- Obligations of key entities and important entities.
- Discussion on the most important aspects and obligations for organizations.
- Risk Management in Cybersecurity in the Context of NIS2
- Overview of the risk management process.
- Tools and measures for managing cybersecurity risks under NIS2.
- Incident management and how to address cybersecurity incidents effectively.
- Break
- Security Measures for Business Continuity under NIS2
- Implementing measures to ensure business continuity in the event of cybersecurity incidents.
- How to minimize potential damage and restore normal operations after incidents.
- Obligations and procedures for reporting incidents and ensuring compliance.
- The Impact of NIS2 on Other Legal Acts
- How NIS2 influences other cybersecurity laws and regulations.
- Proposed changes to the National Cybersecurity System Act from July 2023.
- Practical advice on how to implement upcoming changes and updates.
- Conclusion and Summary of the Key Learnings
- Recap of important topics discussed during the training.
- Open floor for questions and feedback.
How does it work?
Step 1
REGISTRATION
In the first step, please fill out the registration form to let us know about your interest in organizing a dedicated training session for your company.
Step 2
DATE
We will set the date and location of the training – we will adapt to your availability and individual expectations.
Step 3
PRICE
We will present you with the commercial terms for organizing the training based on the agreed parameters and number of participants.
Step 4
TRAINING
We will conduct the customized training according to the agreed terms.