Introduction

As all of us working in this field are aware, a new era has dawned for European and, therefore, domestic cybersecurity with the implementation of the NIS 2 Directive. The NIS 2 Directive lays down much more detailed obligations and extends the scope of its applicability. It also covers actors who have not necessarily been subject to such obligations before. To support these actors in their efforts, the Black Cell has launched various programs to prepare them.
One of the many requirements of the NIS 2 Directive, along with many other laws and regulations, is comprehensive and recurrent information security awareness training for all employees and managers. Information security awareness and preparedness should be a priority for all organizations because, no matter how sophisticated an organization’s technical protections are, the weakest point is always the human being. In this regard, Black Cell aims to introduce something entirely new to its customers with the Black Cell Academy platform integrated into the Fusion Center application.

Black Cell Academy

The Black Cell Academy is an e-learning program that can be designed in a modular, role-based, measurable, and repeatable manner, regardless of the size and profile of the organization. It enables organizations to provide all employees with the appropriate level of cybersecurity awareness at work and at home, tailored to their role in the organization.

About the Platform

• E-learning: The platform can be accessed by all employees of the organization from anywhere, making it available through the Black Cell Fusion Center app at any time of the day with just a single click.
• Modular: The e-learning program includes ten educational modules covering key areas of information security, along with a GDPR module and a Situations module. The content of the modules differs for each role, ensuring that individuals acquire knowledge relevant to their responsibilities.
• Role-based: In every organization, regardless of its profile, there are a few organizational functions and job roles critical to information security awareness. However, the knowledge delivered to them varies, as they serve different functions within the organization. The platform divides the organization’s employees into four distinct roles, ensuring that the most relevant information is delivered in line with their role.
• Predictable and Programmatic: The one GDPR module, the ten educational modules, and the one Situations module are structured into 12 modules, providing a full annual program for all employees in the organization. Specific deadlines can be set by the organization’s management, taking into account its specific requirements.
• Measurable: Each module contains a set of input and output questionnaires compiled from a randomly generated set of questions for that module. The outcome of these assessments can provide management with the opportunity to measure progress and development, which can be displayed graphically to all users and managers. As users complete each module, they can earn badges and are ranked according to their progress and knowledge, allowing them to see their rank within the organization. This feature enables the organization’s management to provide different rewards to the best performers, while simultaneously encouraging employees to excel.
• Home and Organizational Use: The material delivered is suitable for both enterprise and home use. It contains examples, some of which are related to organizational situations, and some of which are related to home use. These examples, based on everyday situations and detailing the consequences, can help users see and understand the impact of their actions, thus assisting them in making better decisions and developing a general approach to cyber hygiene.
• Newsletter (Quarterly): Every quarter, each employee in the organization receives a thematic newsletter tailored to their role, keeping them informed about new trends, emerging threats, and risks to keep them alert.