Open training
NIS2: what Boards need to know
The training program explains the responsibilities of Executive Boards under NIS2, key risks, and effective methods to protect against cyber threats. You will gain knowledge that enables informed decision-making and effective collaboration with IT teams.
About the training
NIS2 in Practice: Responsibilities and Risks for Executive Boards
The NIS2 Directive requires Executive Boards to undergo annual cybersecurity training. This is not only a legal obligation but also a crucial element in protecting organizations from increasing threats. The training program provides practical knowledge and tools to effectively manage risks, avoid penalties, and comply with regulatory requirements—taking into account the responsibilities of Board members.
Gain the expertise that will enable you to make informed decisions and collaborate efficiently with IT teams.
Training objective
- Understand the requirements of the NIS2 Directive and their impact on the organization.
- Comprehend the cybersecurity responsibilities of the Executive Board.
- Learn practical risk management and compliance with NIS2.
- Discover the sanctions, penalties, and consequences of non-compliance.
- Receive a certificate of completion, mandatory for Executive Boards under NIS2.
Target audience
The training is designed for Executive Board members and management staff of organizations subject to NIS2 regulations. It is especially recommended for those responsible for compliance, risk management, and cybersecurity. Participants will gain practical knowledge essential for adapting their organization to the new requirements.
The training concludes with a certificate that serves as the required documentation of participation in accordance with NIS2 regulations.
Training language
Training is conducted in Polish.
There is an option to organize the training in English.
Training methodology
The training is conducted through multimedia presentations and interactive discussions with participants, ensuring maximum engagement and knowledge retention.
Trainer
MONIKA SURMA
Graduate of National Security with a specialization in Crisis Management and Cybersecurity at Adam Mickiewicz University in Poznań. Lead auditor for information security management systems and business continuity management. Internal auditor for quality, environmental, and occupational health and safety management systems. Trainer in ISMS (Information Security Management System), risk management, cybersecurity, NIS2, and TISAX. She has completed dozens of projects for the public and private sectors, including conducting audits and implementing KRI, ISO 27001, UKSC, NIS2, and TISAX.
Training dates
Training program
Day 1
9.00-13.00
• Welcome and introduction
• Introduction to the NIS2 Directive
  • what is the NIS2 Directive
  • history, evolution and objectives of the NIS Directive
  • reasons for introducing NIS2 and key differences from NIS 1
  • sectors covered by the directive and qualification criteria
  • scope of application – essential and important entities
• Importance of the NIS2 Directive for the Company
  • consequences for the organization in case of non-compliance
  • new obligations for company boards
• Key NIS2 requirements
  • board responsibility for cybersecurity risk management
  • incident reporting requirements
  • ensuring appropriate security measures
• Incident reporting
  • criteria and deadlines for reporting incidents
  • procedures and board accountability for reporting
• Board’s role in ensuring compliance with the NIS2 Directive
  • how the board can influence cybersecurity culture within the organization
  • integrating cybersecurity with overall business strategy
• Board accountability
  • board’s roles and responsibilities under NIS2
  • legal and financial consequences of non-compliance
• Monitoring compliance and accountability
  • methods for monitoring NIS2 compliance
  • board responsibility for implementing and maintaining compliance
• Practical aspects of NIS2 implementation
  • planning and implementation schedule
  • steps for effective NIS2 implementation within the company
  • board’s role in the implementation process
• Analysis of real-life cybersecurity breaches
  • overview of known incidents and their impact on organizations
  • analysis of board responses and lessons learned
• Examples of breaches and their consequences
  • real-life case studies
  • discussion of legal and financial implications of breaches
  • analysis of consequences for the board and the company
  • discussion on potential outcomes for the board and organization in case of violations
Training price
Price per participant: 2,900 PLN (net)
Terms of participation
The training price refers to the service granting the right to participate in a one-day training session for one participant.
The price includes training materials, a certificate, coffee breaks, and lunch during the training. The price does not include accommodation.
Payment shall be made based on a correctly issued VAT invoice within 14 days from the invoice acceptance date, to the organizer’s bank account indicated on the invoice.
Acceptance of the registration is confirmed via email sent to the address provided in the registration form.
The organizer reserves the right to cancel the course. In case of cancellation by the organizer, participants will receive a full refund of the fee paid for the course. Written withdrawal of a participant’s registration at least 10 business days before the training start date will incur a cancellation fee of 30% of the training price. Written resignation submitted less than 10 business days before the training start date will be subject to a fee of 100% of the training price.
The training price listed in the training schedules is a net price, which should be increased by the applicable VAT rate.
The person/organization registering the participant authorizes, by expressing this consent, PBSG SA, headquartered in Poznań at Szyperska 14, to process the provided personal data for the purpose of order fulfillment.
Training participation certificates will be sent to participants upon meeting the condition of at least 70% correct answers on the knowledge test and after payment is settled.
To participate in the training, a registration form must be completed.
Submitting the registration form constitutes acceptance of the participation terms and consent for PBSG SA to process the personal data of registered participants for order fulfillment as well as for promotion and marketing of PBSG SA’s activities.
Organizational information
Training quality
The training is conducted in accordance with the Quality Standards Book for Training Services.
Registration for offline training
Fill out this form if you want to participate in the offline training. If you are interested in online participation, please register here: Online Training Registration Form.
Submitting the registration constitutes acceptance of the participation terms.
Training dates
Training program
Day 1
9.00-13.00
• Welcome and introduction
• Introduction to the NIS2 Directive
  • what is the NIS2 Directive
  • history, evolution and objectives of the NIS Directive
  • reasons for introducing NIS2 and key differences from NIS 1
  • sectors covered by the directive and qualification criteria
  • scope of application – essential and important entities
• Importance of the NIS2 Directive for the Company
  • consequences for the organization in case of non-compliance
  • new obligations for company boards
• Key NIS2 Requirements
  • board responsibilities:
    • board responsibility for cybersecurity risk management
    • incident reporting requirements and ensuring appropriate security measures
• Incident Reporting
  • criteria and deadlines for reporting incidents
  • procedures and board accountability for reporting
• Board’s role in ensuring compliance with the NIS2 Directive
  • strategic approach to cybersecurity:
    • how the board can influence cybersecurity culture within the organization
    • integrating cybersecurity with overall business strategy
• Board Accountability
  • roles and responsibilities of the board under NIS2
  • legal and financial consequences of non-compliance
• Monitoring Compliance and Accountability
  • methods for monitoring NIS2 compliance
  • board responsibility for implementation and maintaining compliance
• Practical Aspects of NIS2 Implementation
  • planning and implementation schedule
  • steps to effective NIS2 implementation within the company
  • board’s role in the implementation process
• Analysis of real-life cybersecurity breaches
  • overview of known incidents and their impact on organizations
  • analysis of board responses and lessons learned
• Examples of breaches and their consequences
  • real-life case studies
  • discussion of legal and financial implications of breaches
  • analysis of consequences for the board and the company
  • discussion of potential consequences for the board and company in case of breaches
Training price
Price per participant: 1,550 PLN (net)
Terms of participation
The training price refers to the service granting the right to participate in a one-day training session for one participant.
The price includes training materials and a certificate.
Payment shall be made based on a correctly issued VAT invoice within 14 days from the invoice acceptance date, to the organizer’s bank account indicated on the invoice.
Acceptance of the registration is confirmed via email sent to the address provided in the registration form.
The organizer reserves the right to cancel the course. In case of cancellation by the organizer, participants will receive a full refund of the fee paid for the course. Written withdrawal of a participant’s registration at least 10 business days before the training start date will incur a cancellation fee of 30% of the training price. Written resignation submitted less than 10 business days before the training start date will be subject to a fee of 100% of the training price.
The training price listed in the training schedules is a net price, which should be increased by the applicable VAT rate.
The person/organization registering the participant authorizes, by expressing this consent, PBSG SA, headquartered in Poznań at Szyperska 14, to process the provided personal data for the purpose of order fulfillment.
Training participation certificates will be sent to participants upon meeting the condition of at least 70% correct answers on the knowledge test and after payment is settled.
To participate in the training, a registration form must be completed.
Submitting the registration form constitutes acceptance of the participation terms and consent for PBSG SA to process the personal data of registered participants for order fulfillment as well as for promotion and marketing of PBSG SA’s activities.
Organizational information
Online training participants will receive access to the training platform. On the day of the training, you need to log in to the platform. The training will start at the scheduled time. During the training, you will see a screen divided into three parts: presentation, trainer, and chat. Communication during the training takes place via chat.
Technical Requirements:
- Hardware: Computer with internet access, minimum 1.6 GHz processor, minimum 4 GB RAM
- Browser: The latest version of Chrome, Mozilla Firefox, or Safari
Training Quality
The training is conducted in accordance with the Quality Standards Book for Training Services.
Online training registration
Fill out this form if you want to participate in the online training. If you are interested in attending the offline training, please register here: Offline Training Registration Form.
Submitting the registration form constitutes acceptance of the participation terms.