Internal training
Practical Approach to the National Cybersecurity System Act for Operators of Essential Services and Digital Service Providers.
A professionally prepared training covering key issues in the field of Cybersecurity, which will enable participants to ensure the required level of security for the provided essential/digital services.
About the training
An effective training for those who want to expand their knowledge of the practical approach to the requirements of the National Cybersecurity System Act.
The training is conducted in the form of lectures and workshops, ensuring the effective application of new knowledge and skills to practical actions. We focus not only on delivering theoretical knowledge but, above all, on providing effective, practical methods and techniques, as well as valuable experiences and best practices. The training lasts one day, and upon completion, participants will receive a certificate of attendance. During the training, key issues related to the KSC for Operators of Essential Services and Digital Service Providers will be discussed. The materials and exercises provided during the training will prepare participants to meet their responsibilities within the KSC framework.
Training objective
- To acquire knowledge and competencies necessary for the substantive and practical preparation of participants to fulfill their responsibilities within the KSC framework.
- To provide individuals responsible for cybersecurity with in-depth knowledge of the National Cybersecurity System.
- To develop the skills required to ensure the security level of essential/digital services provided.
- To discuss actions aligned with the developed documentation.
- To enhance the practical application of procedures and best practices.
Target audience of the training
The training is aimed at cybersecurity teams and administrators of information systems used to provide essential/digital services. We invite individuals responsible for IT security in the organization, Information Security administrators, and others interested in this topic.
Language of the training
The training is conducted in Polish.
Upon request, we can also conduct the training in English.
Training methodology
Achieving the desired outcomes of the training is possible due to the appropriate selection of topics and methods tailored to the specific needs of the participants and the subject matter. Below, we present the methods and techniques we use:
- LECTURE
We provide knowledge to participants using dedicated teaching aids, such as multimedia presentations. This serves as the fundamental foundation of the training, during which we introduce the topic, discuss key concepts, and describe roles, processes, procedures, etc. - PRACTICAL EXAMPLES
As practitioners, we base the training program on real-life events, presented to address specific issues. We assist participants in independently drawing conclusions or solutions. Our training is heavily focused on practice and the development of participants’ skills. - DISCUSSION
Participants express their opinions and share experiences. A well-structured discussion topic, where at least two differing views clash, usually results in high emotional engagement. Discussions allow for the development of a common solution or help in preparing arguments related to the subject matter. - BRAINSTORMING
In a short time, we generate many ideas and solutions for specific problems and situations. We engage participants, stimulate thinking, and encourage creativity. - EXERCISES
Practical tasks related to the training subject, such as creating a process, conducting a case study, etc. These exercises serve as an effective complement to the lecture and practical examples. - TESTS
We assess the participant’s level of knowledge and skills. Competency gaps are identified and we appropriately plan the educational process to enhance the participant’s skills. Depending on the training’s nature, this may involve various tools, such as knowledge and performance tests. - SIMULATIONS
Simulations offer a great sample of reality, where participants act and experience the consequences of their actions in real-time. - SUMMARY
After completing each topic, we summarize the material discussed. This step, carried out by the trainer, allows us to revisit the most crucial points related to the topic and gives participants the opportunity to verify how well they have absorbed the material.
Trainer
JACEK KNOPIK
A graduate of Document Management at Adam Mickiewicz University in Poznań. A Management Representative and Internal Auditor for Information Security, Quality, Environmental, and Occupational Health and Safety Management Systems. An expert in risk management in the areas of information security, GDPR, quality management, business continuity, and management control. Consultant, implementation specialist, trainer, and software tester for risk management tools. He has been responsible for implementing operational risk management systems compliant with ISO 31000 in organizations from the business sector, such as Allegro, CCC, and Kraków Airport. Project Manager for many implementation projects related to ISO 27001, ISO 22301, and the requirements of the National Cybersecurity System Act (KSC). For the past 3 years, he has been a trainer, conducting the Risk Manager ISO 31000 training. He also has over 5 years of experience in local government administration, focusing on document management, processes, management control, and the implementation of IT systems.
Dedicated exclusively to your organization – this approach guarantees comfort and freedom to thoroughly discuss example issues and situations specific to your company. We understand that every business is unique, so to effectively apply the knowledge gained within your organization, we tailor the presented examples to your specific needs and business context.
Training program
Day 1
9:00 - 16:00
- Welcome Participants
- Introduction to the Practical Approach to the National Cybersecurity System (KSC) Act Requirements.
- Main assumptions and practical requirements of the KSC Act.
- Basic terms and definitions needed for daily operations.
- Specific challenges and needs related to meeting the requirements of the KSC and the organization.
- Essential Service Operators
- The need to address the KSC requirements.
- The biggest threats faced in daily operations.
- How to ensure a high level of security?
- Digital Service Providers
- Understanding the obligations of digital service providers.
- Essential vs. Digital Service Operators – What are the differences?
- What should digital service providers ensure in their services?
- Compliance Audit Challenges
- The audit process.
- Identifying non-compliance.
- Scope and documentation of audits.
- Lunch Break
- Cybersecurity Management Processes – A Systematic Approach
- Ensuring continuous compliance with KSC obligations.
- Main challenges in effectively managing KSC-related activities.
- NIS 2 Directive – What to Expect?
- New areas covered by the NIS 2 Directive.
- Changes NIS 2 will bring to cybersecurity within the EU internal market.
- Difficult Questions and Discussions
- Open Q&A session and discussion.
How does it work?
Step 1
REGISTRATION
As the first step, please fill out the application form to let us know your interest in organizing dedicated training at your company.
Step 2
DATE
We will arrange the date and location of the training — adapting to your availability and individual expectations.
Step 3
PRICE
We will present the commercial terms for organizing the training based on the agreed parameters and number of participants.
Step 4
TRAINING
We will deliver the dedicated training in accordance with the agreed terms.
