Developing policy and regulations
- Assessment of country’s cybersecurity maturity based on NCSI criteria
- Cybersecurity strategy and action plan/roadmap
- Baseline cybersecurity frameworks based on international standards/best practice
- Cybersecurity legislation development
- Gap analysis for harmonizing the current national legal framework with the EU NIS Directive
- Other specific policy documents
Deliverables: Strategy and action plan, draft legislation on cybersecurity, cyber security maturity assessment based on NCSI methodology
Achieving cyber resilience: development of capabilities and efficient cooperation between the public and private sectors
- Development of an organisational framework at the national level (roles and responsibilities), including a cybersecurity crisis management system
- Capacity building for CERT/CSIRT and cyber police departments
- Mapping of critical information infrastructure in line with the EU NIS Directive
- Critical information infrastructure protection – capacity building for essential service providers
- Implementing cybersecurity measures
- Risk assessment and risk management procedures/plans
Deliverables: Analysis and propositions for the organisational framework, CIIP mapping report, risk assessment, trainings, workshops, exercises.
Enhancement of the Cybersecurity Incident Management capabilities
- Gap analysis and identification of needs of these law enforcement agencies and CERTs/CSIRTs. Detection and analysis of current skills and training needs
- Development of collaboration mechanisms within the country, with international organisations & other countries
Deliverables: Gap analysis report, legal review, organisational framework on national/international level, guidelines, trainings, workshops, exercises.
- Development and direction of cybersecurity study visits and training courses (policies, frameworks, cyber hygiene)
- Development and implementation of cybersecurity exercises (incident management, crisis management)
- Development of awareness-raising activities (campaigns, materials)
Deliverables: Study visits, cyber hygiene trainings, table-top or technical exercises, awareness raising materials
The Cybersecurity Management training programme is designed for officials, policy planners, ICT managers and experts from national governments, responsible for information security.
National cybersecurity training programme improves cybersecurity awareness and readiness in order to ensure the security of countries advancing in e-governance. The course provides relevant knowledge about policy development, legislation and regulations, organisational capacity, security technologies, education and awareness, cooperation, research, and development, but also gives the overall understanding on the general topics of e-society development like interoperability framework and digital identity management as the bases for e-society.
Outcome of the training programme
- Understanding of the role of cybersecurity in information society
- Comprehensive understanding in how to organise cyber security at a national level, raise cyber safety awareness, and cooperate internationally
- Extensive knowledge in various subjects such as: data protection, cyber incident and crisis management, critical information infrastructure protection, baseline cybersecurity management, fight against cyber-crimes and terrorism, national cyber defense, cybersecurity policy development, cybersecurity organisations and their roles and responsibilities, legal framework, and national cybersecurity technologies.