Cybersecurity training for KSC compliance
From mandatory management training to practical formats for office staff and field teams. Materials in Polish, certificates, and a record for your audit documentation.
Management training (art. 8e KSC)
The KSC act requires the head of a key or important entity to undergo training once per calendar year (art. 8e). On the transitional path it is worth running the first training ahead of time, so that you stay within the deadline for implementing the obligations, that is around 3 April 2027.
- Format: live online classroom or on site at your premises.
- Materials in Polish, a certificate for each participant, and a record for your audit documentation.
- Scope: management duties, incident reporting, personal liability.
- Variants ranging from a short lecture session to a longer one with a tabletop exercise and a follow-up review call after a few months.
E-learning for office staff
One year of access to an e-learning platform in Polish: cyber awareness modules, a completion certificate, and an aggregate report for your documentation. The extended variant adds phishing simulations and a management report with metrics. Educating staff on cybersecurity is one of the measures required by art. 8 of the KSC act.
Training for field teams
Employees without computer access, such as operators, need a different format than e-learning. We deliver a toolbox talks package (short shift meetings led by supervisors), posters for technology sites, and optionally mobile microlearning. We tailor the scope to the number of employees and the specifics of the sites.
Related
- KSC/NIS2 Exposure Check, if you first want to establish your status and obligations.
- Cyber Insurance Evidence Check for evidence to support a policy.