Training for public administration employees in the user categories "IT manager", "computer scientist", "cybersecurity employee"
Location
online / UPJŠ KC KB
Form
online / in person
Duration
52 hours
Annotation
The training program for public administration employees in the user categories "IT manager", "informatics specialist", "cybersecurity employee" focuses on key areas of cyber and information security (hereinafter referred to as "CIS"), covering technical, legal and procedural aspects. It will provide participants in the training program with an overview of what cyber and information security is and how it is regulated by legislation. At the same time, it will provide information on managing CIS in accordance with Slovak legislation and technical standards, especially the standards of the ISO/OSI 27000 family. Within the technical part of the training, individual parts (modules) focus on the design and implementation of security measures in the areas of cryptography and computer networks, where participants will gain knowledge about encryption algorithms, digital signatures and security systems. The training also includes activities to prevent and resolve cyber security incidents, including forensic analysis of digital traces. A separate module is dedicated to the development of communication and presentation skills necessary for resolving cyber security incidents. Within the legal part, the training focuses not only on the legal regulation of cyber security, but also on various aspects of information and communication technology law, which are closely related to the field of cyber security. The modules focus on topics such as personal data protection, intellectual property, legal liability in the online space, electronic identification, electronic signature and cyber crime. The individual modules are supplemented with practical tasks, where the participants of the educational program try out individual activities necessary for the field of cyber security.
List of modules
The module will provide basic information on how the management of the CIS is carried out with regard to the legal regulations valid for the territory of the Slovak Republic as well as technical standards, especially the ISO/OSI 27000 family. The module will also provide information on current security threats and tactics and techniques of attackers. In the practical part, participants will try to identify activities, threats, vulnerabilities and risks. The module will also introduce the basics of a cybersecurity management system, the principles of business continuity management and security aspects of relationships with suppliers and third parties, including frameworks such as Cyber kill chain and MITRE ATT&CK.
The content of this module will be the design and implementation of security measures for the field of cryptography. Participants will be introduced to basic symmetric and asymmetric ciphers, hash functions and digital signatures will be explained. Participants will be able to try out individual ciphers and better understand the essence of these cryptographic primitives. The possibilities of applying cryptographic mechanisms to ensure confidentiality, integrity and non-repudiation of data in practice will be presented, as well as their use within remote access and current security technologies.
The content of the module will be to provide basic information on how the CIS is managed with regard to the legal regulations valid for the territory of the Slovak Republic as well as technical standards, especially the ISO/OSI 27000 family. The module will also provide information on current security threats and tactics and techniques of attackers. In the practical part, participants will try to identify activities, threats, vulnerabilities and risks. The content of the module is the design and implementation of security measures for the area of computer networks. The training participants will be provided with information on various mechanisms for securing a computer network, including security technologies such as firewalls, intrusion detection systems (IDS), intrusion prevention systems (IPS) or honeypots.
The content of the module is the activities needed to prevent cyber security incidents (proactive activities) and the activities necessary to respond to cyber security incidents (reactive activities). The module will mainly cover the following topics: security vulnerabilities and their life cycle, evaluation and disclosure; identification and resolution of cyber security incidents, including their life cycle; and digital forensic analysis, including the identification and securing of digital traces. Participants in the module will try out resolving simple cyber security incidents from both a technical and a procedural perspective (tabletop exercise). They will be able to try out how digital traces are identified and secured, or how a live forensic analysis is performed.
The module focuses on developing communication and presentation skills necessary for successful management of a cyber security incident. Emphasis will be placed on assertive communication, effective feedback, solution-oriented communication, communication in solving problems in a team, and also on basic techniques for managing acute stress. Topics will also include identifying crisis situations, non-verbal communication, and principles of team cooperation. Participants will become familiar with the most common communication barriers, techniques for overcoming them, and the specifics of interaction under stress or in critical situations.
Information and communication technology (ICT) law is an interdisciplinary legal field that deals with the regulation of legal relationships arising from the use of digital technologies and networks. The introduction defines the term ICT and outlines their significance for the digital society. An important part is the issue of trusted services, which include electronic signatures, seals, certificates and the legal effects of electronic documents. Intellectual property is addressed from the perspective of copyright and industrial property rights, as well as their protection in the digital environment. The protection of privacy and personal data is also important, including the rights of data subjects, the roles of controllers and intermediaries, as well as cross-border data transfer and storage. E-commerce law analyzes the forms of electronic contracts and the specifics of online trading, including its advantages and risks. It also includes the legal protection of consumers when using financial services and digital platforms. Overall, this area responds to rapid technological development and the need to ensure legal certainty in the digital environment.
The module addresses the legal framework of cybersecurity with a focus on addressing cybersecurity incidents and the related obligations of organizations. Participants will become familiar with the concept of a cyber incident and the roles of CSIRT/CERT teams that ensure prevention, detection and response to incidents. The module also discusses notification obligations of entities, practical aspects of incident resolution and sharing information about threats between organizations. Special attention is paid to international legal issues, such as determining jurisdiction and applicable law in cross-border attacks. The criminal law part of the module focuses on the facts of cyber crimes, as well as criminal procedural tools for investigating and seizing digital evidence. The module connects technical and legal perspectives in order to strengthen the ability of participants to navigate the legal aspects of cybersecurity.
Module materials
- 1. Introduction to cyber and information security and its management
- 2. Selected chapters in cryptography
- 3. Selected chapters in network security I.
- 3. Selected chapters in network security II.
- 3. Worksheet – VPN access to the corporate network from the internet (OpenVPN Client-Site protocol)
- 4. Reactive and proactive activities
- 5. Reactive activities – communication
- 5. Reactive activities – assertive communication
- 6. Selected chapters in information and communication technology law I.
- 7. Selected chapters in information and communication technology law II.
- Methodology
General information
Contact: +421552341269
Number of participants (min-max): 10 – 20
Date: according to modules
Target group: public administration employees in the user categories "IT manager", "informatics specialist", "cybersecurity employee"
Time:
- Module (6h): 08:30 – 11:30 and 12:30 – 14:00
- Module (8h): 08:30 – 11:30 and 12:30 – 15:30
Meeting information
Online: MS Teams
In person:
- Computer classroom SA1C0, Faculty of Science, Park Angelinum 9, 040 01 Košice
- Computer classroom, Faculty of Law, Kováčska 30, 040 01 Košice