Cybersecurity Policies and Practices in the EU – for non-IT Experts (Full course)

This training focuses on the policy aspects of cybersecurity, covering cybersecurity standards in the EU, how to adopt them and put them into practice. The course is offered entirely online, and you will be able to decide whether to complete two modules or one.

At the end of the course, you will receive a certificate of attendance.

Over the past decades, the internet and information and communication technologies (ICTs) have had a profound impact on our daily lives, becoming an integral part of our institutional and social fabric. The supply of critical services across many sectors, including emergency and security services, health, water and food, energy and electricity, banking and finance, commerce, transportation, communications and education is now heavily reliant on ICTs. Our reliance on the internet and digital technologies makes us more vulnerable to new threats, including cybersecurity attacks. These threats put the provision of critical services, as well as the EU’s economies, at risk and ultimately compromise the security and fundamental rights of EU citizens.

Breaches of information security are a major threat to the functioning of our society, jeopardising public services, businesses and the economy. Under the EU regulatory framework (e.g. GDPR, NIS, Cybersecurity Act) our cybersecurity risks need to be evaluated. Security controls need to be implemented in the information systems of our infrastructures where all procedures, personal data, people and objects are stored and exchanged in a secure manner. To plan and implement efficient security policies and to comply with the EU regulations, public authorities, organisations and professionals need to raise their cybersecurity awareness and fully develop the necessary skills. Professionals need to be aware of the various cybersecurity standards (e.g. ISO 27001, ISO 27005, ISO 28000, ISO 15408) and procedures that can help them to become compliant with the EU regulations and protect their daily work, organisation and sector.

This training focuses on the policy aspects of cybersecurity, covering cybersecurity standards in the EU, how to adopt them and how to put them into practice. This unique programme brings together the experience of cybersecurity, security, EU policy and public administration experts to provide a practical understanding of the challenges related to designing and implementing cyber-proof policies within organisations and sectors. The training is designed specifically for non-IT professionals, with the objective of providing participants with the knowledge and skill set necessary to deal confidently with cybersecurity measures within their sectors and organisations.

What you will learn

• cybersecurity: fundamental concepts and knowledge;
• legal and policy aspects of cybersecurity in the EU: EU directives, guidelines, regulations, initiatives;
• assessing cybersecurity risks: identifying threats, vulnerabilities and impact, in various critical sectors including emergency, health, water and food, energy and electricity, banking and finance, commerce, transportation, communications and education;
• cybersecurity management and governance: bodies involved, processes and policies to manage cyber risks;
• crisis communication, business continuity and disaster recovery planning;
• prevention: the components of comprehensive cybersecurity policies;
• formulating policies to strengthen cybersecurity resilience: how do I design policy measures to make my sector or organisation cyber resilient?

Course methodology and highlights

• The delivery of our online training programmes is planned following the input of our online pedagogy specialists, to provide you with a high quality and effective educational experience.
• In this online training, we adopt a comprehensive approach combining an in-depth overview of the legislative and policy considerations to be taken into account when formulating cyber-resilient measures, and practical training.
• We will provide practical guidelines and use case studies, good practices and hands-on simulation exercises to allow you understand, design, adopt and implement good cybersecurity measures in your work, organisation and sector.
• After this training, you will be able to use all the materials and practical exercises for your work.
• The programme of this online course is divided into two modules to offer you flexibility in adapting it to your needs.
• Module 1 focuses on the legal and policy dimension of cybersecurity in Europe and offers you an in-depth overview of the fundamental concepts in cybersecurity to understand relevant EU directives, guidelines and regulations.
• Module 2 will offer you practical training (no IT expertise required) on how to design and implement cybersecurity policies and practices to protect your daily work, organisation and sector. If you prefer to attend just one of the modules, you can click on Module 1 or Module 2.

This course will help you to further your understanding of EU cybersecurity policies and practices, in addition to providing you with excellent practical knowledge and hands-on training regarding cybersecurity vulnerabilities, threats, prevention and policies.

All the sessions of this course are live streamed, through a secure connection, to facilitate real-time interaction with our experts and other participants. In addition, by joining this course, you will have access to:

• membership of an international network of professionals, for peer-learning and exchanging best practices (please note, joining the network is optional)

You will also have access to the course materials for three months after the course on our e-learning platform.

• Recent reports warn us about cybersecurity skills gaps among non-IT experts across all sectors in the EU, including public officials, lawyers, administrative staff, healthcare professionals and database managers. The course is relevant for public officials, legal practitioners, database managers and professionals in the private sector.
• Whether you are a policymaker, interested in incorporating cyber resilience in your policies, or a professional who wants to make their work and organisation safer, this training is designed for you.
• Once you register, we will ask you for details about your own professional sector. We have over 20 case studies and will select the case studies on the basis of your individual needs.

Online Course
For this online course we make use of Zoom

Programme Organiser
Ms Eveline Hermens
Tel: +31 43 3296259
e.hermens@eipa.eu

Discounts
EIPA member fee
EIPA offers a discount to all civil servants working for one of EIPA’s supporting countries, and civil servants working for an EU institution, body or agency

Who are the supporting countries?
Civil servants coming from the following EIPA supporting countries are entitled to get the reduced fee: Austria, Belgium, Bulgaria, Cyprus, Czech Republic, Denmark, Finland, France, Germany, Greece, Hungary, Ireland, Italy, Lithuania, Luxembourg, Malta, the Netherlands, Norway, Poland, Portugal, Spain, Sweden.

For all other participants, the regular fee applies

Early bird discount
The early bird discount is not cumulative with other discounts or promo codes, except for the EIPA member fee.

Who are the supporting countries?
Civil servants coming from the following EIPA supporting countries are entitled to get the reduced fee: Austria, Belgium, Bulgaria, Cyprus, Czech Republic, Denmark, Finland, France, Germany, Greece, Hungary, Ireland, Italy, Lithuania, Luxembourg, Malta, the Netherlands, Norway, Poland, Portugal, Spain, Sweden.

For all other participants, the regular fee applies.

Confirmation
Confirmation of registration will be forwarded to participants on receipt of the completed online registration form.

Payment
Prior payment is a condition for participation.

Cancellation policy
For administrative reasons you will be charged € 50 for cancellations received within 7 days before the activity begins. There is no charge for qualified substitute participants.

EIPA reserves the right to cancel the activity up to 1 week before the starting date. In that case, registration fees received will be fully reimbursed.