Publication date : 02/17/2025
Course : Implementing, governing and certifying an NIS 2 projectAchieving NIS v2 compliance successfully
Seminar - 2d
- 14h00 - Ref. NIS
|
Download in PDF format
Share this course by email
 | Understanding cyber risk issues and European responses |
| Integrate the security reference framework defined by the French government for the NIS directive |
| Understanding the changes between NIS 1 and NIS 2 |
| Learn how to implement and deploy them through case studies |
| Understanding the ANSSI certification process |
| Evaluate project implementation costs |
Intended audience
CISOs and security advisors, security architects, IT directors and managers, IT engineers, project managers (MOE, MOA), security auditors and IT regulatory lawyers.
Prerequisites
Basic knowledge of cybersecurity or knowledge equivalent to that acquired in the BYR and SSI seminars.
Course schedule
1 Introduction: the challenges of European cybersecurity
- Sensitive data: cyber theft, espionage, sabotage...
- New Cold War East/West, USA/China, West/Russia.
- Organized hackers, the role of intelligence agencies.
- APT (Advanced Persistent Threat), ransomware, targeted risks.
- The approach to cyberthreats: towards a "cyber Schengen"?
2 The essentials for CISOs
- For whom: essential and important entities, new eligibility and exclusion criteria.
- For which ecosystems? New business sectors and ESNs.
- Which rules? Of the 23 rules of NIS 1 plus "what it lacked".
- When? From 2024 to 2026...
- How can we help? With a controlled governance and certification process.
- What penalties? Graduated on sales, based on the example of the RGPD.
3 Safety measures
- NIS governance, protection, defense and resilience rules 1.
- Risk analysis and information systems security policies.
- Incident management.
- Business continuity and recovery, crisis management.
- Supply chain security.
- Security in the acquisition, development and maintenance of networks and information systems.
- Assessing the effectiveness of cybersecurity risk management measures.
- Basic cyber hygiene practices and cyber security training.
- Policies and procedures for the use of cryptography and, where applicable, encryption.
- Human resources security, access control policies and asset management.
- The use of multi-factor or continuous authentication solutions.
4 Compliance project management
- From gap analysis to compliance.
- Governance by risk: relevance of EBIOS RM in an NIS project.
- Repetition of existing security measures, and NIS 1 rules where applicable.
- The ANSSI certification process adapted to the NIS 2 directive.
- NIS 2 project milestones and resources.
5 Conclusion: on the road to certification
- Strong ISO 27K inspiration: link with ISO 27001 and new ISO 27002:2022 best practices.
- Consistent cyber-resilience: link with DORA and CER directives and regulations.
- French transposition: the parallel evolution of the LPM and OIV.
- Differentiated state controls (ex ante or ex post regulation).
- A penalty process comparable to the RGPD, the rules for the graduation of fines.
- The security of its ecosystem and critical stakeholders.
Customer reviews
4,6 / 5
Customer reviews are based on end-of-course evaluations. The score is calculated from all evaluations within the past year. Only reviews with a textual comment are displayed.
AURÉLIE R.
25/09/25
4 / 5
The subject matter is very interesting and covered by trainers who have mastered the content. I was a little disappointed with the content relating to the purely operational implementation of NIS 2. The course includes the notion of implementation, and I was expecting to see some form of NIS 2 implementation workflow. I also wonder about the distribution of the content: on the first day, we really only had 5 hours of training.
CYRIL G.
25/09/25
5 / 5
This course will help us to understand the NIS2 project that lies ahead, and is very well run.
OLIVIER T.
25/09/25
5 / 5
Very good
PARTICIPANTS
CISOs and security advisors, security architects, IT directors and managers, IT engineers, project managers (MOE, MOA), security auditors and IT regulatory lawyers.
PREREQUISITES
Basic knowledge of cybersecurity or knowledge equivalent to that acquired in the BYR and SSI seminars.
TRAINER QUALIFICATIONS
The experts leading the training are specialists in the covered subjects. They have been approved by our instructional teams for both their professional knowledge and their teaching ability, for each course they teach. They have at least five to ten years of experience in their field and hold (or have held) decision-making positions in companies.
ASSESSMENT TERMS
The trainer evaluates each participant’s academic progress throughout the training using multiple choice, scenarios, hands-on work and more.
Participants also complete a placement test before and after the course to measure the skills they’ve developed.
TERMS AND DEADLINES
Registration must be completed 24 hours before the start of the training.
ACCESSIBILITY FOR PEOPLE WITH DISABILITIES
Do you need special accessibility accommodations? Contact Mrs. Fosse, Disability Manager, at psh-accueil@orsys.fr to review your request and its feasibility.
CISOs and security advisors, security architects, IT directors and managers, IT engineers, project managers (MOE, MOA), security auditors and IT regulatory lawyers.
PREREQUISITES
Basic knowledge of cybersecurity or knowledge equivalent to that acquired in the BYR and SSI seminars.
TRAINER QUALIFICATIONS
The experts leading the training are specialists in the covered subjects. They have been approved by our instructional teams for both their professional knowledge and their teaching ability, for each course they teach. They have at least five to ten years of experience in their field and hold (or have held) decision-making positions in companies.
ASSESSMENT TERMS
The trainer evaluates each participant’s academic progress throughout the training using multiple choice, scenarios, hands-on work and more.
Participants also complete a placement test before and after the course to measure the skills they’ve developed.
TEACHING AIDS AND TECHNICAL RESOURCES
• The main teaching aids and instructional methods used in the training are audiovisual aids, documentation and course material, hands-on application exercises and corrected exercises for practical training courses, case studies and coverage of real cases for training seminars.
• At the end of each course or seminar, ORSYS provides participants with a course evaluation questionnaire that is analysed by our instructional teams.
• A check-in sheet for each half-day of attendance is provided at the end of the training, along with a course completion certificate if the trainee attended the entire session.
• The main teaching aids and instructional methods used in the training are audiovisual aids, documentation and course material, hands-on application exercises and corrected exercises for practical training courses, case studies and coverage of real cases for training seminars.
• At the end of each course or seminar, ORSYS provides participants with a course evaluation questionnaire that is analysed by our instructional teams.
• A check-in sheet for each half-day of attendance is provided at the end of the training, along with a course completion certificate if the trainee attended the entire session.
TERMS AND DEADLINES
Registration must be completed 24 hours before the start of the training.
ACCESSIBILITY FOR PEOPLE WITH DISABILITIES
Do you need special accessibility accommodations? Contact Mrs. Fosse, Disability Manager, at psh-accueil@orsys.fr to review your request and its feasibility.
Dates and locations
Select your location or opt for the remote class then choose your date.
Remote class
Dernières places
Date garantie en présentiel ou à distance
Session garantie