Training for public administration employees


in the user categories "layman", "professional employee"
and "manager"

Location

online / UPJŠ KC KB

Form

online / in person

Duration

52 hours

Annotation

The training program for public administration employees in the user categories "layman", "professional employee" and "manager" focuses on strengthening security awareness and increasing knowledge and skills in the field of cyber and information security (CIS). The goal of the training is to increase the level of safe behavior of users in the digital environment, and thus contribute to the overall reduction of security risks in organizations as well as in the online space. The program is divided into thematic modules that combine theoretical knowledge with practical tasks. Participants will become familiar with the basic concepts of CIS, the importance of security from the perspective of an individual and an organization, as well as current threats according to the ENISA Threat Landscape analyses. As part of practical activities, they will identify assets, threats, vulnerabilities and risks in their own environment. Separate modules are dedicated to critical thinking and disinformation as well as social engineering, a significant security threat aimed at manipulating users. Participants will learn to recognize forms of attacks, hoaxes and disinformation, practice critical thinking and take a phishing test. An important part of the training is also the issue of safe work with information and communication technologies, especially when handling sensitive data and recognizing malicious code. Participants will learn to set up basic security features of mobile devices and will become familiar with the principles of resolving security incidents from the perspective of an ordinary user. Special emphasis is placed on the topic of digital identity and user identification. The principles of creating strong passwords, the importance of multi-factor authentication and the use of a password manager will be explained.
The module will also draw attention to the specifics of risks in the online environment and show how to effectively manage them using available tools and security measures. The educational program also includes raising legal awareness in the areas of information and communication technology law, which are closely related to CIS. The modules focus on topics such as personal data protection, intellectual property, legal liability in the online space, electronic identification, electronic signature and cybercrime.

List of modules

1. Introduction to Cyber and Information Security (CIS) - 6 lessons (45 min)

The module will cover basic concepts and relationships in the field of cyber and information security (CIS). The importance of CIS will be explained not only from the perspective of a CIS specialist but also from the perspective of a user of ICT and online platforms. The basic principles will be reviewed and current security threats according to ENISA Threat Landscape materials will be shown. As part of the practical exercise, participants will identify assets, threats, vulnerabilities and risks in their organizations. Additionally, participants will become familiar with the current legislative framework (Cybersecurity Act, Act on Information Technologies of Public Administration), the principles of the CIS management system according to ISO standards, the basics of business continuity management, as well as the tactics and techniques of attackers, including the MITRE ATT&CK and Cyber Kill Chain frameworks.

2. Critical Thinking and Disinformation - 8 lessons (45 min)

The educational block focuses on developing critical thinking, identifying cognitive distortions and exposing argumentation fallacies, which often play a key role in the spread of disinformation, propaganda and conspiracy theories. Participants will learn to analyze media content and discussions, recognize manipulative techniques, as well as evaluate the credibility of sources. The program includes theoretical lectures supplemented by interactive activities such as discussion and role-playing games, storytelling or model situations. Special attention is paid to the challenges of new media (clickbait, trolling, deepfakes, fake news) and effective strategies for coping with them. The aim is to strengthen the media literacy of participants and support their ability to navigate the online environment with a critical distance. The teaching is based on the active involvement of participants and reflection on practical examples from the current media environment.

3. Social Engineering - 8 lessons (45 min)

The training module focuses on the issue of social engineering as one of the most common forms of cyber attacks aimed at manipulating users. Participants will become familiar with the basic principles and forms of attacks (phishing, spear phishing, vishing, smishing, baiting, spam) and learn to recognize the signs of fraudulent emails. Special attention is paid to the analysis of message content, as well as the technical analysis of email headers, including SPF, DKIM and DMARC protocols. The module includes practical demonstrations, analysis of real phishing emails and work with tools such as MXToolbox, Verifalia and Whois. The training includes an interactive phishing test and a discussion of the latest trends in fraudulent communication. The aim is to increase participants' resistance to manipulative techniques and strengthen their ability to respond effectively to suspicious messages.

4. Operational Security and Cyber Incident Management - 8 lessons (45 min)

The content of the module focuses on the basic aspects of safe work with ICT, including work with sensitive data. We will show how malicious code (malware) manifests itself, especially ransomware. Participants will gain an overview of the types of malware, their spread and impact on devices and infrastructure. The module also covers the security of mobile devices (especially those with the Android and iOS operating systems), and participants will be able to review the basic security settings of these devices. It also addresses how to resolve security incidents from the user's perspective and explains some standard security measures, such as remote access to the device or the use of anti-malware solutions.

5. Digital Identity and Privacy in the Online Environment - 6 lessons (45 min)

The module will focus on what digital identity means and how it affects user security. We will present the assumptions and main areas of digital transformation of society with an emphasis on people and the role of the state, while participants will gain an overview of tools for protecting digital identity, such as eSignature, eTimestamp and eID. We will focus on various ways of proving identity, in particular the use of passwords, including an explanation of multi-factor authentication. As part of this module, participants will also try working with password managers. The training will include an explanation of security risks in the online environment and the application of security measures. In addition, participants will gain an overview of the basic principles of protecting digital privacy, including various forms of privacy, the use of cookies and the security of online payments.

6. Fundamentals of Information and Communication Technology Law for CIS I. - 8 lessons (45 min)

The training module focuses on the legal aspects of information and communication technologies (ICT), offering an introduction to the basic concepts and areas of ICT law. Particular attention is paid to trusted services such as electronic signatures, certificates and digital legal acts, which play a key role in electronic communication. The module also clarifies the issue of intellectual property and its legal protection in the digital environment. The second part deals with the protection of privacy and personal data, including the rights of data subjects, cross-border data transfers and security measures. The third thematic area covers e-commerce, its types, the specificities of electronic contracts and the legal challenges arising from it. The aim is to provide participants with a practical legal framework for navigating the digital world.

7. Fundamentals of Information and Communication Technology Law for CIS II. - 8 lessons (45 min)

The module focuses on the legal and criminal aspects of cybersecurity and cybercrime. Participants will be introduced to the concept of a cybersecurity incident, the roles of CSIRT/CERT teams, as well as the processes of notification and sharing incidents in both national and international contexts. Emphasis is placed on legal mechanisms for protection in the digital space, including international legal issues such as applicable law or jurisdiction in cross-border attacks. At the same time, criminal and procedural aspects of punishing cybercrime are discussed, including the specifics of investigation and evidence in the digital environment.

General information

Contact: +421552341269
Number of participants (min-max): min. 10 participants

Date: according to modules
Target group: public administration employees in the user categories "layman", "professional employee" and "manager"

Time:

  • Module (6h): 08:30 – 11:30 and 12:30 – 14:00
  • Module (8h): 08:30 – 11:30 and 12:30 – 15:30

Meeting information

Online: MS Teams

In person:

  • Computer classroom SA1C0, Faculty of Science, Park Angelinum 9, 040 01 Košice
  • Computer classroom, Faculty of Law, Kováčska 30, 040 01 Košice