Online training provides management boards with practical guidance on regulatory requirements
With the NIS2 Directive, thousands of companies in Germany are facing new regulatory requirements in the field of cybersecurity. G DATA CyberDefense is expanding the G DATA academy portfolio with a compact e-learning course designed to prepare executive management specifically for these requirements.
Since mid-December 2025, NIS-2 has been in force and places greater responsibility on management boards and executives for IT security than ever before. They are responsible for implementing and monitoring the directive and must possess the necessary knowledge. Effective immediately, the G DATA academy is offering an e-learning course that conveys the key aspects of the regulation. The six modules cover topics ranging from determining whether an organization is affected, to organizational obligations, and concrete measures in risk management and incident response. The content is based on the current legal framework and the German implementation act. For those requiring more in-depth information, a learning path featuring 14 courses is available. In addition to the six NIS-2 modules, it includes further training sessions, micro learnings, and security flashes. Topics include phishing, passwords, deepfakes, and cybersecurity for executives.
“The executive management assumes the role of a governing body for cyber risks under NIS2. Without a fundamental understanding, this role can hardly be fulfilled,” says Nikolas Schran, Vice President Sales and Marketing at G DATA CyberDefense.
“With this new course, we are also addressing the needs expressed by many of our customers by providing the necessary knowledge in a concise format.”Practice-oriented knowledgeThe NIS2 training consists of six modules and covers all guiding questions provided by the German Federal Office for Information Security (BSI) for executive management, supplemented with practical advice.
- Module one introduces the fundamentals of the NIS2 Directive and its implementation in Germany.
- Module two explains the importance of the registration requirement and shows how companies can systematically fulfill their legal obligations to cooperate.
- Module three provides a comprehensive overview of the requirements for effective risk management in accordance with NIS2 and the BSI Act.
- Module four focuses on concrete technical and organizational measures in the field of cybersecurity that must be implemented under NIS2.
- Module five demonstrates how significant security incidents can be identified, assessed, and managed in a structured manner, including reporting obligations and deadlines.
- Module six explains how regulatory supervision is structured in practice and which enforcement mechanisms may apply.
A ten-minute final test serves to systematically review and contextualize the key content from all modules. Upon passing, participants receive a certificate and a practical checklist.
The training package — consisting of the NIS-2 course and the comprehensive learning path — can easily be added to existing awareness training courses via the G DATA academy’s own learning management system. It is also available through SCORM streaming, enabling companies and organizations to integrate the content into their existing learning platforms. The NIS-2 course and learning path are available in both German and English.
The NIS-2 courses do not replace legal advice. However, they were developed on the basis of the “NIS-2 Executive Management Training – Preliminary Guidance for the Recommendation of Mandatory Training for Executive Management of Essential and Important Entities under the Draft NIS-2 Implementation Act” issued by the German Federal Office for Information Security (BSI).
Interested parties can request a demo version here.