About this online course
This training focuses on the policy aspects of cybersecurity, covering cybersecurity standards in the EU, how to adopt them and put them into practice.
Over the past decades, Internet and Information and Communication Technologies (ICTs) have profoundly impacted our daily lives, becoming an integral part of our institutional and social fabric. The supply of critical services is now heavily reliant on ICTs. Our reliance on the internet and digital technologies makes us more vulnerable to new threats, including cybersecurity attacks. These threats put the provision of critical services and the EU’s economies at-risk, and ultimately compromise the security and fundamental rights of EU citizens.
Breaches of information security are a major threat to our society’s functioning, jeopardizing public services, businesses, and the economy. Under the EU regulatory framework (e.g., GDPR, NIS, Cybersecurity Act), our cybersecurity risks need to be evaluated. Also, security controls need to be implemented in the Information Systems of our infrastructures, where all procedures, personal data, people, and objects are stored and exchanged securely. To plan and implement efficient security policies and comply with the EU regulations: public authorities, organisations and professionals need to raise their cybersecurity awareness and fully develop the necessary skills. Professionals need to be aware of the various cybersecurity standards (e.g., ISO27001, ISO 27005, ISO 28000, ISO15408) and procedures that can help them become compliant with the EU regulations and protect their daily work, organisation, and sector.
This unique programme brings together the experience of cybersecurity, security, EU policy, and public administration experts to provide a practical understanding of the challenges related to designing and implementing cyber-proof policies within organisations and sectors. The training is designed specifically for non-IT professionals, to provide participants with the knowledge and skillset necessary to confidently deal with cybersecurity measures within their sectors and organisations.
What is our approach to online teaching and learning?
The delivery of our online training programmes is planned following the input of our online pedagogy specialists to provide you with high quality and an effective educational experience. In this online training, we adopt a comprehensive approach, combining an in-depth overview of the legislative and policy-considerations to be considered when formulating cyber-resilient measures and practical training. We will provide practical guidelines, use case studies, good practices, and hands-on simulation exercises to allow you to understand, design, adopt, and implement good cybersecurity measures in your work, organisation, and sector.
This online course’s programme is divided into two self-standing and interconnected modules. Module 1 focuses on The issue of cybersecurity: European challenges and standards and Security Management and People. Module 2 focuses on Cybersecurity in practice. If you prefer to attend just one of the modules, you can click on Module 1 or Module 2.
How will it help you?
All classes will be held live and include an interactive component to allow you practice with the trainer and with fellow participants.
In addition, you have access to four extra Master Classes with exercises. All exercises are optional; however, we strongly encourage you to practice in order to gain practical skills.
By joining this course, you will have access to an international network of professionals for peer-learning and exchanging best practices. Please note that joining the network is optional.
At the end of the course, you will receive a Certificate. The course has been designed to match the European E-Competence Framework.
Participants who attended the course will master the following concepts and skills:
- Cybersecurity: fundamental concepts and knowledge
- Legal and policy aspects of cybersecurity in the EU: EU directives, guidelines, regulations, initiatives
- Assessing cybersecurity risks: identifying threats, vulnerabilities, and impact in various critical sectors, e.g., including emergency, health, water and food, energy and electricity, banking and finance, commerce, transportation, communications, and education
- Cybersecurity management and governance: bodies involved, processes and policies to manage cyber risks
- Crisis communication, business continuity and disaster recovery planning
- Prevention: the components of comprehensive cybersecurity policies
- Formulating policies to strengthen cybersecurity resilience: how do I design policy measures to make my sector/organization cyber resilient?
Who will benefit most?
Recent reports warn us about cybersecurity skills gaps, among non-IT experts across all sectors in the EU, including public officials, lawyers, administrative staff, healthcare professionals, database managers. The course is relevant for public officials, legal practitioners, database managers, professionals in the private sector.
Once you register, we will ask you for details about your own professional sector. We have over 20 case studies and will select the case studies on the basis of your individual needs.
Nineta Polemi
Haris Mouratidis
Practical information
Online Course
For this online course we make use of Zoom
Programme Organiser
Ms Juliette Mollicone-Boussuge
Tel: +352 426 230 304
j.boussuge@eipa.eu
Discounts
EIPA offers a discount to all civil servants working for one of EIPA’s supporting countries, and civil servants working for an EU institution, body or agency.
Who are the supporting countries?
Civil servants coming from the following EIPA supporting countries are entitled to get the reduced fee: Austria, Belgium, Bulgaria, Cyprus, Czech Republic, Denmark, Finland, France, Germany, Greece, Hungary, Ireland, Italy, Lithuania, Luxembourg, Malta, the Netherlands, Norway, Poland, Portugal, Spain, Sweden.
For all other participants, the regular fee applies.
Payment
Prior payment is a condition for participation.
Cancellation policy
For administrative reasons you will be charged € 50 for cancellations received within 7 days before the activity begins. There is no charge for qualified substitute participants. EIPA reserves the right to cancel the activity up to 1 week before the starting date. In that case, registration fees received will be fully reimbursed.
Tailor-made requests
We can tailor this specific programme to your exact needs. This could include but is not limited to specific topics or dates. If you are interested in this, please contact Ms Clara Cotroneo at c.cotroneo@eipa.eu
I have a question
The programme
- Monday, 12 April 2021 – Morning Session
- Tuesday, 13 April 2021 – Morning Session
- Wednesday, 14 April 2021 – Morning Session
- Thursday, 15 April 2021 – Morning Session
| Module 1 – Part 1: The issue of cybersecurity: European challenges and standards | |
| 08.45 | Welcome and introduction to the online seminar Clara Cotroneo, Lecturer, EIPA Luxembourg |
| 09.00
|
Cybersecurity in the EU: an introduction Clara Cotroneo |
| 9.40 | Q&A session and break |
| 09.45 | Fundamental concepts and the EU Cybersecurity environment Basic definitions and concepts; EU Cybersecurity stakeholders (e.g. ENISA, CSIRT-network, NIS Cooperation Group, EU cybersecurity agencies) Dr Nineta Polemi, Associate Professor, University of Piraeus, Dpt. of Informatics, Piraeus (GR) |
| 10.30 | Q&A session and break |
| 10.45 | Cyber Threat Intelligence and Standards
Dr Nineta Polemi |
| 11.30 | Q&A session and break |
| 11.45 | People the weakest cybersecurity and privacy link The relations between human activity, cybersecurity and privacy will be explored. Examples of breaches related to human actions will be presented: In particular intentional and not intentional cybersecurity threats and attacks and their impacts to the organisations Dr Haris Mouratidis, Director, Centre for Secure, Intelligent and Usable Systems, University of Brighton, Brighton (UK) |
| 12.30 | Q&A session and break |
| 12:45 | Personal Hygiene for Cybersecurity and Privacy What type of measures a simple user can undertake? Examples from Bring your own device (BoD) will be provided together with a short introduction on some guidelines for personal informational security and privacy Dr Haris Mouratidis |
| 13.30 | Q&A session and break |
| 13:40 | End of first part of Module I |
| Note: Before the next session (Tuesday morning) all participants will complete a multiple-choice quiz to check their understanding (optional) | |
| Module 1 – Part 2: Security Management and People | ||
| 09.00 | Introduction to Security Management
Dr Nineta Polemi |
|
| 9:45 | Q&A session and break | |
| 10:00 | Digital Transformation and Cybersecurity: the current challenges to keep in mind for the public sector Clara Cotroneo |
|
| 10:45 | Q&A session and break | |
| 11:00 | Cybersecurity and privacy policies in the EU’s digital decade Christian D’Cunha, Policy Officer, Cybersecurity and Digital Privacy Policy Unit, European Commission, Brussels (BE) |
|
| 11:45 | Q&A session and break | |
| 12:00 | How Cybersecurity is managed at the European Commission Ken Ducatel, Director DG DIGIT, Directorate for IT Security, European Commission, Brussels (BE) |
|
| 12:45 | Q&A session and break | |
| 13:00 | I am a Data Protection officer: which are my responsibilities? Florina Pop, Lecturer, EIPA Maastricht |
|
| 13.45 | Q&A session and end of Module I | |
Extra lectures available online to participants
At the end of the week, you will have access to extra online Master Classes. These lectures are optional and accompanied by optional readings and quizzes. You will be able to access and watch these lectures any time during the course.
| Master Class 1 | Digital Transformation and Cybersecurity: the current challenges to keep in mind |
| Master Class 2 | Handling confidential and sensitive data |
| Module 2 – Part 1: Cybersecurity in practice | |
| 08.30 | The EU regulatory cybersecurity framework in practice Explain in practical terms the EU cybersecurity directives e.g. NIS, GDPR Dr Nineta Polemi, Associate Professor, University of Piraeus, Dpt. of Informatics, Piraeus (GR) |
| 09.30 | Break and virtual networking |
| 09.45 | Cybersecurity Certification – Certification Act The Cybersecurity act and policy responses in different sectors Dr Nineta Polemi |
| 10:45 | Q&A session and break |
| 11.00 | Cyber Security Incident Handling Incidents can disrupt an organization, businesses and supply chains; business continuity plans and disaster recovery plans will ensure that organizations can respond and continue their operations. Examples from governmental disruptions. Haris Mouratidis, Director, Centre for Secure, Intelligent and Usable Systems, University of Brighton, Brighton (UK) |
| 11.45 | Q&A session and break |
| 12:00 | Keynote speaker AI and cybersecurity and the malicious uses of AI Philipp Amann, Head of Strategy, European Cybercrime Centre |
| 13:00 | End of the first part of Module II |
| Module 2 – Part 2: Cybersecurity in practice – Hands on Experience | |
| 08.45 | Guided in-class exercises on security management and personal cybersecurity and privacy hygiene Focus on personal experiences and present at the end. Small groups of participants Dr Nineta Polemi and Haris Mouratidis |
| 09.45 | Break |
| 10:00 | Guided in-class exercise on incident handling, Business Continuity and disaster recovery plans Dr Nineta Polemi and Haris Mouratidis |
| 10:45 | Seminar Review and knowledge testing It will cover the overall understanding of the seminar and it will test the knowledge of the attendees through a quiz (the trainees will have the next 60 minutes to return their responses) |
| 11:00 | Break |
| 11.15 | Workshop How do I create cyber security policies and procedures for my sector/organization? The starter tool kit Clara Cotroneo, Lecturer, EIPA Luxembourg |
| 12:45 | End of the second day and Module II |
What people say
There are no reviews yet.