NIS2 training for boards of directors
Training based on practical aspects and obligations arising from the new NIS2 Directive.
About the training
Training on the NIS2 Directive Requirements
A one-day training designed to comprehensively introduce participants to the issues related to the NIS2 Directive, aimed at improving the security of network and information systems within the European Union. Participants will familiarize themselves with the key requirements of the directive and its impact on organizational operations. Through lectures and practical workshop exercises, they will acquire the knowledge necessary to meet cybersecurity requirements, including those concerning obligations for critical sector enterprises and digital service providers, as well as the requirement to obtain a certificate confirming compliance with the directive.
The detailed scope of the training is presented below.
Training objective
- Understanding the requirements of the NIS2 Directive and their impact on the organization.
- Identifying the board’s responsibilities in cybersecurity.
- A practical approach to risk management and compliance with NIS2.
- Discussion of sanctions, penalties, and liabilities related to non-compliance.
- Receiving a completion certificate, which is mandatory for boards in the context of NIS2.
Training recipients
The NIS2 Directive training is primarily aimed at board members and senior management of organizations that are or may be subject to the new cybersecurity regulations. The course is designed to provide participants with the knowledge necessary to effectively align their organizations with the requirements of the NIS2 Directive, including in the areas of risk identification, analysis, and management. The training is especially recommended for those responsible for decision-making regarding legal compliance, as well as for members of legal, IT, and security departments.
Participation in the training concludes with the issuance of a certificate confirming the acquisition of practical knowledge required by Article 20, paragraph 2 of the NIS2 Directive. Possessing such a certificate is crucial for maintaining high security standards and ensuring organizational compliance with cybersecurity regulations.
Language of the training
The training is conducted in Polish.
There is an option to organize the training in English.
Training methodology
The training is conducted in the form of multimedia presentations and interactive discussions with participants, ensuring maximum engagement and knowledge retention.
Trainer
MONIKA SURMA
A graduate of National Security with a specialization in Crisis Management and Cybersecurity from Adam Mickiewicz University in Poznań. Lead auditor for information security management systems and business continuity. Internal auditor for quality, environmental, and health and safety management systems. Trainer in the areas of ISMS, risk management, cybersecurity, NIS2, and TISAX. Has carried out dozens of projects for both the public and private sectors, including conducting audits and implementing KRI, ISO 27001, UKSC, NIS2, and TISAX.
Training program
Day 1
9.00-13.00
- Welcome to the participants
- Introduction to the NIS2 Directive
- What is the NIS2 Directive?
- History, evolution, and objectives of the NIS Directive.
- Reasons for introducing NIS2 and key differences compared to NIS 1.
- Sectors covered by the directive and qualification criteria.
- Scope of application – critical and important sectors.
- The importance of the NIS2 Directive for the company
- Consequences for organizations in case of non-compliance with the regulations.
- New obligations for company boards.
- Key NIS2 Requirements
- Board obligations:
- Responsibility of the board for managing cybersecurity risks.
- Requirements for incident reporting and ensuring appropriate security measures.
- Incident reporting
- Criteria and deadlines for reporting incidents
- Procedures and board responsibility for reporting
- The Board’s role in ensuring compliance with the NIS2 Directive
- Strategic approach to cybersecurity:
- How the board can influence the cybersecurity culture within the organization.
- Integrating cybersecurity into the overall business strategy.
- Board responsibility
- Board roles and obligations under NIS2
- Legal and financial consequences of non-compliance
- Monitoring compliance and accountability:
- Methods for monitoring compliance with NIS2.
- Board responsibility for implementing and maintaining compliance.
- Practical aspects of implementing NIS2
- Planning and implementation schedule
- Steps to successfully implement NIS2 in the company
- The board’s role in the implementation process
- Analysis of real cybersecurity breach cases:
- Discussion of known incidents and their impact on organizations.
- Analysis of board responses and lessons learned.
- Examples of breaches and their consequences
- Case studies from real-life incidents
- Discussion of real breach cases and their legal and financial impacts.
- Analysis of consequences for the board and the company
- Discussion on potential consequences for the board and the company in case of breaches.
Training price
Price per participant: 2,900 PLN (net)
Conditions of participation
The training fee covers the right to attend a one-day training session for one participant.
The fee includes training materials, a certificate, coffee breaks, and lunch during the training. Accommodation is not included in the fee.
Payment must be made based on a correctly issued VAT invoice within 14 days from the date of invoice acceptance, to the bank account specified on the invoice.
The acceptance of registration is confirmed via the email address provided in the registration form.
The organizer reserves the right to cancel the course. In case of cancellation by the organizer, participants will receive a full refund of the fee paid for the course. A written withdrawal of registration at least 10 business days before the training start date will incur a fee of 30% of the training price. A written resignation submitted less than 10 business days before the training start date will result in a charge of 100% of the training fee.
The training fee listed in the training schedule is net and must be increased by the applicable VAT rate.
The individual/organization registering for the training authorizes PBSG SA, located at Szyperska 14, Poznań, to process the personal data provided for the purpose of fulfilling the order.
Certificates of participation will be sent to training participants once they have met the minimum requirement of 70% correct answers on the knowledge test and payment has been made.
To participate in the training, please complete the registration form.
Submitting the registration implies acceptance of the terms and conditions of participation and consent to the processing of personal data by PBSG SA for the purpose of fulfilling the order and for promotional and marketing activities conducted by PBSG SA.
Organizational information
- Quality of training
The training is conducted in accordance with the Training Service Quality Standards Handbook.
Registration for in-person training
Fill out this form if you wish to participate in in-person training. If you are interested in attending online, please register here: Online Training Registration Form.
Submitting the registration means acceptance of the terms and conditions of participation.
Training program
Day 1
9.00-13.00
- Welcome of Participants
- Introduction to the NIS2 Directive
- What is the NIS2 Directive?
- History, evolution, and objectives of the NIS Directive.
- Reasons for introducing NIS2 and key differences compared to NIS 1.
- Sectors covered by the directive and qualification criteria.
- Scope of application – critical and important sectors.
- Importance of the NIS2 Directive for the Company
- Consequences for organizations in case of non-compliance with the regulations.
- New obligations for company boards.
- Key NIS2 Requirements
- Board Obligations:
- Responsibility of the board for managing cybersecurity risks.
- Requirements for incident reporting and ensuring appropriate security measures.
- Incident Reporting
- Criteria and deadlines for reporting incidents.
- Procedures and board responsibility for reporting.
- The Board’s Role in Ensuring Compliance with the NIS2 Directive
- Strategic approach to cybersecurity:
- How the board can influence the cybersecurity culture within the organization.
- Integrating cybersecurity into the overall business strategy.
- Board responsibility:
- Roles and obligations of the board under NIS2.
- Legal and financial consequences of non-compliance.
- Monitoring Compliance and Accountability:
- Methods for monitoring compliance with NIS2.
- Board responsibility for implementing and maintaining compliance.
- Practical Aspects of Implementing NIS2
- Planning and implementation schedule.
- Steps to successfully implement NIS2 in the company.
- The board’s role in the implementation process.
- Analysis of Real Cybersecurity Breach Cases:
- Discussion of known incidents and their impact on organizations.
- Analysis of board responses and lessons learned.
- Examples of breaches and their consequences.
- Case studies from real-life incidents.
- Discussion of real breach cases and their legal and financial impacts.
- Analysis of consequences for the board and the company.
- Discussion on potential consequences for the board and the company in case of breaches.
Training price
Price per participant: 1,550 PLN (net)
Conditions of participation
The training fee covers the right to attend a one-day training session for one participant.
The price includes training materials and a certificate.
Payment must be made based on a correctly issued VAT invoice within 14 days from the date of invoice acceptance, to the bank account specified on the invoice.
Registration acceptance will be confirmed via the email address provided in the registration form.
The organizer reserves the right to cancel the course. In case of cancellation by the organizer, participants will receive a full refund of the course fee. A written withdrawal of registration at least 10 business days before the training start date will incur a fee of 30% of the training price. A written resignation submitted less than 10 business days before the start date will incur a fee of 100% of the training price.
The training fee listed in the training schedule is net and must be increased by the applicable VAT rate.
The individual/organization registering for the training authorizes PBSG SA, located at Szyperska 14, Poznań, to process the personal data provided for the purpose of fulfilling the order.
Certificates of participation will be sent to training participants once they have met the minimum requirement of 70% correct answers on the knowledge test and payment has been made.
To participate in the training, please complete the registration form.
Submitting the registration means acceptance of the conditions of participation and consent to the processing of the personal data of registered participants by PBSG SA for the purpose of fulfilling the order and for promotional and marketing activities conducted by PBSG SA.
Organizational information
Participants of the online training will receive access to the training platform. On the day of the training, you should log in to the platform. The training will start at the scheduled time. During the training, you will see the screen divided into three parts: presentation, trainer, and chat. Communication during the training will take place through the chat.
- Technical requirements:
- Hardware requirements: Computer with internet access, a processor of at least 1.6 GHz, and at least 4 GB of RAM.
- Browser: Latest version of Chrome, Mozilla Firefox, or Safari.
- Quality of training
- The training is conducted in accordance with the Training Service Quality Standards Handbook.
Registration for the online training
Please fill out this form if you wish to participate in the online training. If you are interested in attending the in-person training, please sign up here: Registration Form for Offline Training.
Submitting the registration form means acceptance of the terms and conditions of participation.
Dedicated exclusively for your organization – this approach ensures comfort and flexibility, allowing us to thoroughly discuss specific issues and situations relevant to your organization. We understand that every business is unique, so to effectively translate the acquired knowledge into your organization’s context, we adapt the presented examples to your specific needs and business situation.
Training program
Day 1
9.00-13.00
- Welcome of participants
- Introduction to the NIS2 Directive
- What is the NIS2 Directive?
- History, evolution, and objectives of the NIS Directive.
- Reasons for the introduction of NIS2 and key differences from NIS 1.
- Sectors covered by the directive and qualification criteria.
- Scope of application – critical and important sectors.
- Importance of the NIS2 Directive for the Company
- Consequences for the organization in case of non-compliance with the regulations.
- New obligations for company management boards.
- Key NIS2 Requirements
- Management board duties:
- Responsibility of the management board for managing cybersecurity risks.
- Requirements regarding incident reporting and ensuring adequate security measures.
- Incident reporting
- Criteria and deadlines for incident reporting
- Procedures and management board’s responsibility for reporting
- Role of the Management Board in ensuring compliance with the NIS2 Directive
- Strategic approach to cybersecurity:
- How the management board can influence the cybersecurity culture in the organization.
- Integration of cybersecurity with the overall business strategy.
- Responsibility of the management board
- Roles and duties of the management board arising from NIS2
- Legal and financial consequences of failing to meet obligations
- Monitoring compliance and responsibility:
- Methods of monitoring compliance with NIS2.
- Responsibility of the management board for implementing and maintaining compliance.
- Practical aspects of implementing NIS2
- Planning and implementation schedule
- Steps for effective implementation of NIS2 in the company
- Role of the management board in the implementation process
- Analysis of real cybersecurity breach cases:
- Discussion of known incidents and their impact on organizations.
- Analysis of management board reactions and conclusions drawn.
- Examples of breaches and their consequences
- Case studies from real life
- Discussion of real-life breach cases and their legal and financial consequences.
- Analysis of the impact on the management board and the company
- Discussion of potential consequences for the management board and the company in the case of breaches.
How does it work?
Step 1
APPLICATION
In the first step, please fill out the registration form to express your interest in organizing a dedicated training session for your company.
Step 2
DATE
We will set the date and location for the training – we will adapt to your availability and individual expectations.
Step 3
PRICE
We will present the commercial terms for organizing the training based on the agreed parameters and number of participants.
Step 4
TRAINING
We will conduct the tailored training according to the agreed terms.