Blend
EN/ES

NIS2 Cybersecurity

Interactive Scenario | ~15 min Buy Full Course

What you'll practise

24-Hour Incident Reporting

Navigate the Article 23 early warning timeline — when to report, what to include, and what happens when you miss it.

Board-Level Accountability

Manage board notification when directors bear personal liability under Article 20. When do you tell them? How much?

Ransom Decisions Under Pressure

A timed decision: pay, negotiate, or refuse? With a 60-second countdown and 340,000 customer records at stake.

Evidence vs. Operations

Preserve forensic evidence or restore systems? The regulator needs root cause. Operations is losing €50K/hour.

Built for NIS2 board training

This scenario is designed for CISOs, board members, and senior executives at NIS2 essential and important entities. It covers Articles 20, 21, 23, and 32 of the NIS2 Directive with inline legal references. Play it once for awareness. Play it again to explore different paths.

How ready is your board?

You've seen what a NIS2 incident looks like. Now find out if your organisation could handle one — 7 questions, 2 minutes.

Take the NIS2 readiness assessment

Pricing

Annual site licence. Upload to your LMS in 30 minutes. Evidence your board can show an auditor.

Starter

Up to 50 employees

€690/year

€13.80 per learner

  • Interactive ransomware scenario module
  • SCORM 1.2 package
  • Completion & score tracking
  • NIS2 Article reference modals
  • Email support
  • Content updates included
Get Started
Most Popular

Growth

Up to 250 employees

€1,490/year

€5.96 per learner

  • Everything in Starter
  • Priority support
  • Board compliance reporting template
  • Renewal at €990/year
Buy Growth

Scale

Up to 1,000 employees

€3,990/year

€3.99 per learner

  • Everything in Growth
  • Dedicated account manager
  • Custom completion reports
  • Renewal at €2,490/year
Buy Scale

Custom Programme

Any size organisation

From €45,000
  • Scenarios built around your infrastructure
  • Your branding & company context
  • Facilitated board tabletop sessions
  • Bespoke role-specific modules
  • Incident response playbook integration
  • Ongoing measurement & iteration
Book a Call

All prices exclude VAT. 14-day refund policy.

Place Your Order

Fill in your details and we'll send you an invoice and SCORM download links within one business day.

You'll receive an invoice and SCORM download links by email within one business day. Payment by bank transfer or card.

Frequently Asked Questions

Who is this training for?
NIS2 Article 20 requires management bodies — board members, directors, and senior executives — to complete cybersecurity training and bear personal liability for compliance. This course is designed for them, not for IT teams who already understand the technical landscape.
How is this different from generic cybersecurity awareness training?
Generic awareness training teaches employees not to click phishing links. This course puts directors in the CISO's chair during a ransomware attack and makes them navigate 24-hour notification deadlines, ransom demands, and board-level accountability. It's the difference between reading about a fire drill and experiencing one.
What does 'personal liability' under NIS2 Article 20 actually mean?
Management bodies can be held personally liable for infringements of cybersecurity risk management obligations. National authorities can temporarily prohibit individuals from exercising managerial functions. This is not corporate liability — it's personal.
Which organisations need NIS2 training?
Essential entities (energy, transport, banking, health, digital infrastructure, public administration) with 250+ employees or €50M+ turnover, and important entities (postal, waste, chemicals, food, manufacturing, digital providers) with 50+ employees or €10M+ turnover.
We already have ISO 27001 certification. Do we still need this?
ISO 27001 covers your information security management system. NIS2 Article 20 specifically requires management body training — not just policy documentation. Having ISO 27001 is excellent. Having directors who understand what to do during a real incident is the gap this fills.
How long does the training take?
25 minutes for the interactive scenario. It's designed for directors with limited time — not a half-day workshop.
What LMS platforms are supported?
Any LMS that supports SCORM 1.2 — Moodle, TalentLMS, Cornerstone, Docebo, Canvas, Blackboard, and hundreds more.
What is your refund policy?
Full refund within 14 days if the SCORM packages have not been uploaded to an LMS. Contact support@blend.training.