Training

Business-Integrated Systematic Cybersecurity Training is a digital learning initiative that provides companies with practical support to build and strengthen a structured approach to cybersecurity.

Module 1 of the course is offered on 10 occasions in February, March, and April. See the schedule below.

Through two interactive modules, participants receive methodological guidance, advisory support, and practical tools to integrate recurring security activities into business and development processes.

The program is primarily aimed at SMEs developing digital products and services, but it is also relevant for industry, automation, and critical infrastructure. The focus is on risk management, compliance with regulations such as NIS2 and CRA, and on increasing organizational cybersecurity maturity and resilience.

The training focuses on establishing a baseline of recurring security activities within an organization – a “security calendar” of a few interconnected tasks designed to engage the organization broadly. The goal is to implement rolling risk, continuity, and incident management in a simplified way, helping the organization identify risks and meet both compliance and market requirements. This approach also supports identifying and protecting the organization’s most valuable assets.

Module 1: The Management System and Baseline Activities – What Do They Contribute?

• Identification of information/infrastructure within the organization that must be protected as key assets

• Overview of cybersecurity and general risk management requirements relevant to the organization and its customers

• Overview of general and specific threat landscapes affecting the organization and its customers

• Understanding the impact of potential disruptions and how to manage them if they occur

• Identification of security objectives, including delegation and follow-up

This is the first part of the training. To fully benefit from the program, participants also need to complete the second part (Module 2), which is presented after Module 1 is completed.

Module 2: A Cybersecurity Calendar – What Should Be Achieved Collectively and by Responsibility Area? Key compliance requirements under the new regulations:

• Management engagement

• Risk analysis based on the company’s societal significance

• Threats specific to critical operations

• Responsibility across the entire supply chain

Register (choose a course session):

6 February 
13 February 
20 February 
27 February 
6 March
13 March
20 March (In English)
27 March
10 April (in English)
17 April

Johanna Cederström
The training sessions are delivered by Johanna Cederström, a senior consultant in cybersecurity and risk management, with extensive experience supporting organizations in establishing practical, business-oriented approaches to security and regulatory compliance.