[metaslider id=”4155″]
Cyber Resilience in Entities of the National Cybersecurity System
Cyber Resilience Leadership
The certificate obtained in this path confirms the cyber resilience competencies of the managers of the National Cybersecurity System (KSC) entities. These include:
- taking into account national and European legislation in the field of cybersecurity;
- overseeing, coordinating and executing tasks in the area of ICT infrastructure security;
- identifying and responding to cybersecurity threats to KSC entities;
- organising incident reporting processes;
- ensuring business continuity of networks and information and communication systems;
- managing information security;
- developing a crisis communication strategy;
- identifying anerifying cybersecurity risk information;
- applying methods and techniques related to risk estimation.
Please complete the form below if you are interested in this certification path. Completing it is voluntary and does not oblige you to participate in the programme.
General Information
The certification program complies with the PN-EN ISO/IEC 17024 standard Conformity assessment. General requirements for bodies operating certification of persons and is accredited by the Polish Centre for Accreditation (AC 261). Check our accreditation.
Certification under this program is voluntary. Certification services provided by NASK-PIB are open to all individuals on a non-discriminatory basis, provided they meet the requirements specified in the document Specification of competencies, criteria and assessment methodology for the ACE-CRL profile – profile for persons managing entities under the National Cybersecurity System (KSC) (ST3).
NASK understands the importance of impartiality, manages conflicts of interest and guarantees that certification activities are carried out impartially and objective. NASK has the resources necessary to conduct the certification proces.
The certification program is owned by NASK-PIB.
Who is the Certification Program for?
The program is intended for individuals involved in managing entities within the National Cybersecurity System (KSC), particularly members of boards, managing directors, supervisory board members, general directors, and members of management bodies in public administration entities (e.g., heads of local government units).
Competencies of the Certified Individual
The certified individual has knowledge of formal and legal regulations at the national and European Union levels related to cybersecurity.
They possess the skills to supervise, coordinate, and implement tasks related to the security of telecommunication infrastructure, including identifying and responding to cybersecurity threats to KSC entities.
They know how to organize the incident reporting process, ensure the continuity of information and communication systems, and manage information security.
Additionally, the certified individual has knowledge of creating crisis communication strategies and is able to identify and verify information related to cybersecurity risks. They are familiar with methods and techniques for risk assessment.
The certified individual knows best practices for ensuring telecommunication security, how to implement them, and the possibilities for certifying products, processes, services, and personnel competencies in cybersecurity.
The obtained certificate will confirm their professional preparation to manage cybersecurity in entities subject to the National Cybersecurity System Act and the NIS2 Directive.
Prerequisites
- higher education;
- at least 5 years of employment based on an employment contract, appointment, election, nomination, cooperative employment contract, or provision of services under another agreement, or self-employment;
- at least 2 years of managerial experience in a KSC entity (member of the board, supervisory board member, general director, head of a local government unit) or meeting the conditions set for auditors authorized to conduct security audits of information systems as specified in Article 15(2)(2)(a) in conjunction with paragraph 8 of the Act of July 5, 2018, on the National Cybersecurity System;
- no conviction by a final court judgment for an intentional crime;
- completion of training covering modules specified in the certification program.
Certification Process
The certification process includes the submission of an application by the individual seeking certification to the Certification Unit of NASK, followed by a review of the application, an evaluation, the issuance of the certification decision, and supervision of the issued certificate.
The Certification Unit of NASK ensures equal, non-discriminatory access to competency certification for all applicants.
Furthermore, the Certification Unit operates in accordance with the PN-EN ISO/IEC 17024 standard, ensuring that all decisions are made free from any pressures that could compromise the objectivity of the certification process.
