Mandatory NIS2 training for the Board of Directors
From regulatory obligation to competitive advantage

The essential training programme for board members, designed to manage risk, ensure compliance and transform a regulatory obligation into a competitive asset.

Cybersecurity is Now Your Legal Responsibility

With Legislative Decree 138/2024 (NIS2), the paradigm has shifted. Delegating security to the IT department is no longer sufficient. The law now imposes direct responsibilities on top management.

  • Legal Responsibility of the Board: Cybersecurity has become a strategic and legal responsibility of the Board of Directors.
  • Demonstrable Accountability: You are required to demonstrate that you have understood the risks, approved policies, allocated adequate resources, and actively supervised the effectiveness of security measures.
  • Penalties and Personal Liability: Noncompliance results in penalties for the company of up to 10 million euros or 2% of global revenue, in addition to potential personal liability for directors.

This course provides you with the governance tools to address these obligations and protect your company.

Image
Image

Designed Exclusively for Strategic Decision-Makers

This program is not a technical course, but a high-level governance session, tailored for those who bear ultimate responsibility for corporate strategies and the protection of corporate value.

The course is essential for:

  • Board of Directors members
  • Chief Executive Officers (CEOs) and General Managers
  • C-level executives with responsibility for risk management and business continuity
  • Members of Supervisory Bodies (OdV 231)

The Key Skills You Will Acquire

GOVERNING

cyber risk at a strategic level

EVALUATE

the NIS2 classification of your company

SUPERVISE

mandatory measures and response to incidents

INTEGRATE

security in business decisions (M&A, suppliers)

UNDERSTANDING

the real threats to effective dialogue with IT

A Dynamic and Constantly Updated Course

The cyber threat landscape is constantly evolving. For this reason, our content is constantly updated to reflect the new tactics and procedures used by attackers.

In addition, each year the course is enriched with a new analysis section dedicated to the most significant and dangerous threats of the previous year, to ensure that you are always up to date and relevant.

Module 1: The Strategic Context and Your Responsibility

Understanding the transition from technical directive to legal and strategic responsibility of the board. We will analyze Legislative Decree 138/2024 and the key concepts that every director must govern, from the multi-risk approach to supply chain management.

Module 2: Scope of Application and Obligated Parties

Understand with certainty whether your company falls under NIS2 obligations. We will explore the crucial difference between essential and important entities, the different supervisory regimes (ex-ante vs. ex-post), and the direct implications for your liability.

Module 3: Security Obligations and Risk Management

Analyze the mandatory technical and organizational security measures that the board must approve and supervise. Master incident management and notification protocols with their strict deadlines (24h/72h) and understand the ACN's audit and sanctioning powers.

Module 4: Governance and Interaction with Authorities

Map the institutional ecosystem of national and European cybersecurity. Learn how to interact with the ACN as the competent authority, with CSIRT Italia in the event of incidents, and understand your role within European cooperation networks.

Module 5: Threat Vision and Risk Scenarios

Go beyond theory by analyzing real threats that impact business: double extortion ransomware, supply chain attacks, and APT groups. We will study real cases (Target, SolarWinds) to understand the concrete consequences of an incident.

Module 6: Strategic Decisions of the Board of Directors

Learn how to transform security from a cost center into a competitive advantage. We will define concrete actions for the board: from strategic budget allocation to active supervision through KPIs, to the creation of a solid culture of security starting from the top.

Special Module (Update 2025)

The Threat Landscape in Italy: Focus 2025

Understanding the rules is not enough if you don't know your enemy. This special section, updated annually, analyzes the most significant cyber threats facing Italian companies this year, based on the latest reports from the National Cybersecurity Agency (ACN) and industry observers.

Designed for Leaders: On-Demand Training You Can Listen to Anywhere

We know that time is your most valuable resource. That's why we've created a course that fits your schedule, not the other way around. We've abandoned traditional training models that force you to spend hours in front of a video, offering you a more flexible, intelligent and effective solution.

The Podcast Format: Maximum Flexibility

The core of the course is a series of audio lessons in podcast format, designed to be listened to whenever and wherever you want. Transform downtime into moments of high-level strategic training, without adding another fixed appointment to your calendar.


Listen to the lessons at your convenience:
  • While you are in the car during your daily commute.
  • During a business trip by train or plane.
  • While you are running or working out to burn off the hours of sitting at the office.

Support Documentation: Everything at Your Fingertips

Listening is powerful, but details are crucial. That's why every audio lesson is accompanied by comprehensive handouts in PDF format.

This documentation contains everything explained in the podcast: key concepts, regulatory references, risk analyses and operational checklists. It's the perfect tool for reviewing, delving deeper and always having a written guide at hand to consult before an important meeting.

Who Will Guide You on This Journey

For such a strategic issue, you don't need a technician, but a leader who speaks the same language as the business. An entrepreneur who understands the challenges of business management and an expert who masters cybersecurity.

Image

Antonio Capobianco

Entrepreneur, Chief Executive Officer and Lecturer in Cybersecurity

With over 30 years of experience, Antonio Capobianco is a leading figure in the field of technology and IT security in Italy. After graduating with honours in Information Science in 1993, he founded Fata Informatica in 1994, guiding it from an innovative start-up to a key cybersecurity partner for large companies and critical infrastructures.

His career bridges the academic and corporate worlds. He teaches Malware Analysis and Ethical Hacking at eCampus University, where he trains new generations of experts, while also managing complex projects for government agencies and large companies.

Why he is the perfect guide for your Board:

  • He speaks the language of business: As a CEO, he understands the challenges of budgeting, risk and strategic decisions.
  • He has in-depth technical expertise: His experience in the field and as a lecturer guarantees solid, up-to-date content.
  • He is an effective communicator: As the author of books and creator of successful podcasts, he knows how to translate complex concepts into clear, actionable information.

He is the author of Cybersecurity for Mortals and The Certified Information Security Officer, and creator of the podcast Cybersecurity & Cybercrime, consistently ranked in the top 5% of tech podcasts in Italy.

The responsibility is yours. The choice to be prepared is yours too

The NIS2 Directive has established a new standard of governance and accountability that cannot be ignored. Inaction or inadequate preparation are not just operational risks, but strategic choices with specific legal and financial consequences.

This course provides you with the knowledge, language and tools to govern cyber risk with the same authority with which you govern financial risk. It is a direct investment in the resilience of your company and the protection of your position as directors.