Security
Turn regulatory compliance into a documented operational standard
Structured, exam-backed online courses on EU and Finnish security regulations including NIS2, CRA, AI Act, and Katakri TL IV for professional teams.
For CISOs, IT leads, and compliance owners, regulatory shifts are not
just legal hurdles—they are operational risks. When a new directive
like NIS2 or the AI Act takes effect, the gap between knowing the
law
and demonstrating compliance
is where audits fail and
fines accrue. This page is for those managing recurring staff training
within their OpEx budget to ensure their teams can defend every
technical and administrative decision with article-level precision.
Structured, exam-backed training
We deliver online courses grounded in the actual text of EU and
Finnish regulations. We do not teach best practices
; we teach
the specific requirements of the law. Each course concludes with a
comprehensive final exam to provide verifiable proof of competence for
your internal records or external audits.
Match the course to the framework you must satisfy
Our current curriculum covers the most critical frameworks impacting EU and Finnish operations.
EU digital and AI governance
- NIS2 Training
- Master the requirements of Directive (EU) 2022/2555. Learn to identify your entity type (Essential vs. Important), manage the 24-hour/72-hour notification cadences (Article 23), and understand the personal liability of management bodies (Article 20).
- Cyber Resilience Act (CRA) Training
- Master Regulation (EU) 2024/2847 ahead of its December 2027
application date. Learn to classify
products with digital elements
under Article 3(1) and manage the essential cybersecurity requirements of Annex I. - EU AI Act Training
- Navigate Regulation (EU) 2024/1689. Learn to classify high-risk systems under Annex III and apply transparency duties to chatbots and emotion-recognition systems under Article 50.
Finnish security and infrastructure
- Katakri TL IV (Technical)
- Designed for network and system engineers. This course covers the technical requirements of Katakri 2020 Area I, from network zoning (I-01–I-05) to logging and anomaly detection (I-09–I-13).
- Katakri TL IV (Administrative)
- Designed for legal, procurement, and management. Focus on the legal foundations (906/2019, 1101/2019), authority approvals, and the ownership of residual risk.
- Domain-name Regulation
- Specifically for registrar and technical partners managing .fi and .ax domains. Learn to meet the strict reporting and technical requirements of Traficom Regulation 68/2016 M.
Why verifiable training matters
Compliance is not a state of being; it is a state of evidence. An
auditor will not ask if you have a security policy; they will ask how
you demonstrate that your staff understands and implements it. By
enrolling your team in structured courses that cite specific articles,
you move from a posture of we try to comply
to we are
trained to the requirements of Article X.