Practical Approach to the National Cybersecurity System Act for Operators of Essential Services and Digital Service Providers.
A professionally prepared training covering key issues in the field of Cybersecurity, which will enable participants to ensure the required level of security for the provided essential/digital services.
About the training
An effective training for those who want to expand their knowledge of the practical approach to the requirements of the National Cybersecurity System Act.
The training is conducted in the form of lectures and workshops, ensuring the effective application of new knowledge and skills to practical actions. We focus not only on delivering theoretical knowledge but, above all, on providing effective, practical methods and techniques, as well as valuable experiences and best practices. The training lasts one day, and upon completion, participants will receive a certificate of attendance. During the training, key issues related to the KSC for Operators of Essential Services and Digital Service Providers will be discussed. The materials and exercises provided during the training will prepare participants to meet their responsibilities within the KSC framework.
Training objective
- To acquire knowledge and competencies necessary for the substantive and practical preparation of participants to fulfill their responsibilities within the KSC framework.
- To provide individuals responsible for cybersecurity with in-depth knowledge of the National Cybersecurity System.
- To develop the skills required to ensure the security level of essential/digital services provided.
- To discuss actions aligned with the developed documentation.
- To enhance the practical application of procedures and best practices.
Target audience of the training
The training is aimed at cybersecurity teams and administrators of information systems used to provide essential/digital services. We invite individuals responsible for IT security in the organization, Information Security administrators, and others interested in this topic.
Language of the training
The training is conducted in Polish.
Upon request, we can also conduct the training in English.
Training methodology
Achieving the desired outcomes of the training is possible due to the appropriate selection of topics and methods tailored to the specific needs of the participants and the subject matter. Below, we present the methods and techniques we use:
- LECTURE
We provide knowledge to participants using dedicated teaching aids, such as multimedia presentations. This serves as the fundamental foundation of the training, during which we introduce the topic, discuss key concepts, and describe roles, processes, procedures, etc.
- PRACTICAL EXAMPLES
As practitioners, we base the training program on real-life events, presented to address specific issues. We assist participants in independently drawing conclusions or solutions. Our training is heavily focused on practice and the development of participants’ skills.
- DISCUSSION
Participants express their opinions and share experiences. A well-structured discussion topic, where at least two differing views clash, usually results in high emotional engagement. Discussions allow for the development of a common solution or help in preparing arguments related to the subject matter.
- BRAINSTORMING
In a short time, we generate many ideas and solutions for specific problems and situations. We engage participants, stimulate thinking, and encourage creativity.
- EXERCISES
Practical tasks related to the training subject, such as creating a process, conducting a case study, etc. These exercises serve as an effective complement to the lecture and practical examples.
- TESTS
We assess the participant’s level of knowledge and skills. Competency gaps are identified and we appropriately plan the educational process to enhance the participant’s skills. Depending on the training’s nature, this may involve various tools, such as knowledge and performance tests.
- SIMULATIONS
Simulations offer a great sample of reality, where participants act and experience the consequences of their actions in real-time.
- SUMMARY
After completing each topic, we summarize the material discussed. This step, carried out by the trainer, allows us to revisit the most crucial points related to the topic and gives participants the opportunity to verify how well they have absorbed the material.
Trainer
JACEK KNOPIK
A graduate of Document Management at Adam Mickiewicz University in Poznań. A Management Representative and Internal Auditor for Information Security, Quality, Environmental, and Occupational Health and Safety Management Systems. An expert in risk management in the areas of information security, GDPR, quality management, business continuity, and management control. Consultant, implementation specialist, trainer, and software tester for risk management tools. He has been responsible for implementing operational risk management systems compliant with ISO 31000 in organizations from the business sector, such as Allegro, CCC, and Kraków Airport. Project Manager for many implementation projects related to ISO 27001, ISO 22301, and the requirements of the National Cybersecurity System Act (KSC). For the past 3 years, he has been a trainer, conducting the Risk Manager ISO 31000 training. He also has over 5 years of experience in local government administration, focusing on document management, processes, management control, and the implementation of IT systems.
Training program
Day 1
9:00 - 16:00
- Welcome Participants
- Introduction to the Practical Approach to the National Cybersecurity System (KSC) Act Requirements.
- Main assumptions and practical requirements of the KSC Act.
- Basic terms and definitions needed for daily operations.
- Specific challenges and needs related to meeting the requirements of the KSC and the organization.
- Essential Service Operators
- The need to address the KSC requirements.
- The biggest threats faced in daily operations.
- How to ensure a high level of security?
- Digital Service Providers
- Understanding the obligations of digital service providers.
- Essential vs. Digital Service Operators – What are the differences?
- What should digital service providers ensure in their services?
- Compliance Audit Challenges
- The audit process.
- Identifying non-compliance.
- Scope and documentation of audits.
- Lunch Break
- Cybersecurity Management Processes – A Systematic Approach
- Ensuring continuous compliance with KSC obligations.
- Main challenges in effectively managing KSC-related activities.
- NIS 2 Directive – What to Expect?
- New areas covered by the NIS 2 Directive.
- Changes NIS 2 will bring to cybersecurity within the EU internal market.
- Difficult Questions and Discussions
- Open Q&A session and discussion.
Training price
Price per Participant: 2,250.00 PLN (net)
Conditions of participation
Price
The price of the training covers the service, which is the right to participate in a one-day training for one participant. It includes training materials, a certificate, coffee breaks, and lunch during the training. Accommodation is not included in the price.
Payment will be made based on a correctly issued VAT invoice, within 14 days from the date the invoice is received, to the bank account of the organizer specified on the invoice.
Conditions
Acceptance of the application is confirmed by email to the address provided in the registration form.
The organizer reserves the right to cancel the course. In the case of cancellation by the organizer, participants will receive a full refund of the fee paid for the course. Written withdrawal of a participant’s application at least 10 business days before the training start date will result in a fee of 30% of the training price. Written resignation submitted less than 10 business days before the training start date will incur a 100% charge of the training price.
The price of the training listed in the training schedule is net, and should be increased by the current VAT rate.
The person/organization submitting the participant’s registration authorizes, by giving consent, the processing of the provided personal data by PBSG SA with its registered office in Poznań at Szyperska 14 for the purpose of fulfilling the order.
Certificates
Certificates of participation will be sent to the participants after meeting the conditions of at least 70% correct answers on the knowledge test and after payment has been made.
To participate in the training, you must complete the registration form.
Sending the registration means accepting the conditions of participation and consent to the processing of personal data of the registered participants by PBSG SA for the purposes of order fulfillment and promotion and marketing of PBSG SA’s activities.
Organizational information
- Quality of Training
The training is conducted in accordance with the Book of Quality Standards for Training Services.
Registration for the In-Person Training
Fill out this form if you would like to participate in the Open In-Person Training. If you’re interested in online participation, please sign up here: Online Training Registration Form.
It is also possible to organize a closed training tailored to your specific needs: send an inquiry and receive a quote.
Submitting the registration means you accept the terms and conditions of participation.
Training program
Day 1
9:00 - 16:00
- Welcome to the Participants
Practical Approach to the Requirements of the National Cybersecurity System Act (KSC):
- What are the main assumptions and requirements of the KSC Act in practice?
- Basic terms and definitions needed for daily work.
- Specific daily challenges and needs related to meeting organizational requirements.
- Critical Service Operators – the need to face the requirements.
- The greatest threats that may be encountered in daily operations.
- How to ensure a high level of security?
- Digital Service Providers – understanding the obligations.
- Critical Services Operators vs Digital Service Providers – what are the differences?
- What should a digital service provider ensure within the scope of their services?
- Challenges of compliance audits.
- The auditing process.
- Identifying non-compliance.
- Scope and documentation of the audit.
Lunch Break
Cybersecurity Management Processes – A Systematic Approach.
- How to ensure continuous fulfillment of obligations under KSC?
- What are the main challenges related to properly managing KSC-related activities?
NIS 2 – What’s Ahead?
- New areas in NIS 2 detection.
- What changes will NIS 2 bring for cybersecurity in the EU internal market?
Questions Regarding Difficult Issues.
Questions and Discussion.
Training price
The price per participant: 1,150.00 PLN (net)
Terms of participation
Price
The price for the training covers the service of granting one participant the right to attend the one-day training.
The price includes training materials and a certificate.
Payment should be made based on the correctly issued VAT invoice within 14 days from the invoice receipt date, to the bank account indicated by the organizer on the invoice.
Terms and Conditions
The acceptance of the registration is confirmed via the email address provided in the registration form.
The organizer reserves the right to cancel the course. In case of cancellation by the organizer, participants will receive a full refund of the course fee. A written withdrawal of registration submitted no less than 10 business days before the training start date will incur a 30% cancellation fee of the course price. A written withdrawal submitted less than 10 business days before the start date of the training will incur a 100% cancellation fee of the course price.
The price for the training listed in the schedules is net, and it should be increased by the applicable VAT rate.
By submitting the registration, the individual/organization authorizes PBSG SA, located at Szyperska 14 Street in Poznań, to process the provided personal data for the purposes of order fulfillment.
Certificate
Certificates of participation will be sent to training participants after meeting the conditions of at least 70% correct answers in the knowledge test and payment completion.
To participate in the training, the registration form must be filled out.
Submitting the registration means accepting the terms of participation and consenting to PBSG SA processing the personal data of the registered participants for the purpose of order fulfillment, as well as for the promotion and marketing activities of PBSG SA.
Organizational information
- Online Training Information:
Participants of the online training will receive access to the training platform. On the day of the training, you should log in to the platform. The training will start at the scheduled time. During the training, you will see the screen divided into three parts: presentation, trainer, and chat. Communication during the training will occur via the chat.
- Technical Requirements:
- Hardware Requirements:
A computer with access to the Internet, a processor of at least 1.6 GHz, and a minimum of 4 GB of RAM.
- Browser:
The latest version of Google Chrome, Mozilla Firefox, or Safari.
- Quality of Training:
The training will be conducted according to the Training Services Quality Standards Handbook.
Online training registration
Fill out this form if you would like to participate in the online training. If you’re interested in in-person training, please sign up here: Offline Training Registration Form.
It is also possible to organize a closed training tailored to your specific needs: send an inquiry and receive a quote.
Submitting the registration means you accept the terms and conditions of participation.
Dedicated Exclusively for Your Organization – This approach ensures comfort and flexibility, allowing us to thoroughly discuss specific issues and situations within your organization. We understand that every company is different, and in order to effectively translate the acquired knowledge into your organization’s context, we tailor the presented examples to suit your unique needs and business situation.
Training program
Day 1
9:00 - 16:00
- Welcome to the Participants
Practical Approach to the Requirements of the National Cybersecurity System Act (Ustawa o KSC):
- What are the main principles and requirements of the KSC Act in practice?
- Key terms and definitions necessary for daily operations.
- The specifics of daily challenges and needs related to meeting the organization’s requirements.
- Critical Service Operators – the necessity to meet the requirements.
- The biggest threats faced in everyday operations.
- How to ensure a high level of security?
- Digital Service Providers – understanding the obligations.
- Differences between Critical Service Operators and Digital Service Providers.
- What should a Digital Service Provider ensure within its services?
- Challenges of compliance auditing.
- The auditing process.
- Identifying non-compliance.
- Scope and documentation of the audit.
- Lunch Break
- Cybersecurity Management Processes – A Systemic Approach.
- How to ensure continuous compliance with KSC requirements?
- What are the main challenges related to conducting KSC-related activities properly?
- NIS 2 – what to expect.
- New areas in NIS 2 detection.
- What changes will it introduce to cybersecurity in the EU internal market?
- Difficult Topics Q&A
- Questions and Discussion
How does it work?
Step 1
APPOINTMENT
In the first step, fill out the registration form to express your interest in organizing a dedicated training session for your company.
Step 2
DATE
We will set the date and location of the training – we will adapt to your availability and individual expectations.
Step 3
PRICE
We will present you with the commercial terms for organizing the training based on the agreed parameters and the number of participants.
Step 4
TRAINING
We will carry out the tailored training according to the agreed conditions.