Creating cyber security awareness culture, communicating risks, threats and their mitigation internally; specific training needs of the security officers, applying the newest training methods (online trainings, serious gaming, simulation)
The topics suggested by the community:
- Platform shared: awareness phishing
- Protecting personal data workshop
- Crisis management training/workshop
- Management/board training
- Setting up awareness toold catalogue
- Best practice sharing between NRENs
- Shared materials (e-learning, posters, films,...)
- Security coding (guedelines) training
Additional topics (25 October consultation):
- Framework for spheres, divided into sub-spheres, and examples of each
- Developing the Secure Code Training and secure Code Audit to general Services for NRENs, universities etc.
- Having a range of basic security awareness training courses would be useful - also completion stats/reporting would be valuable.
- Collaboration with local (countries) CERT/CIRT agencies/teams doing join shared actions
- TRANSITS like training for management level (crisis management 101)
- common tool, where you can measure whether people read your policies