— NIS2 COMPLIANCE · 2026
NIS2 requires training.
Not just
awareness.
How to strengthen compliance with the cybersecurity capability requirements of the NIS2 Directive (EU 2022/2555) through practical training, verifiable certifications, and continuous improvement of operational capability.
DIRECTIVE (EU) 2022/2555 · IN FORCE SINCE JANUARY 2023 · CITY & GUILDS ACCREDITED
— THE DIRECTIVE
NIS2 is not satisfied by awareness alone.
It requires training and real measures.
The NIS2 Directive (EU 2022/2555), in force since January 2023 and with a transposition deadline set for October 2024, strengthens governance, risk-management, and cybersecurity capability obligations for essential and important entities across the European Union.
ARTICLE 20 — GOVERNANCE
The management bodies of essential and important entities must approve and oversee cybersecurity risk-management measures, and must regularly follow training in order to gain sufficient knowledge and skills to identify risks and assess cybersecurity risk-management practices.
ARTICLE 21 — TECHNICAL AND OPERATIONAL MEASURES
Cybersecurity risk-management measures must include, among other elements, basic cyber hygiene practices and cybersecurity training, incident handling, crisis management, supply-chain security, and the assessment of the effectiveness of the measures taken.
Occasional awareness campaigns and stand-alone annual phishing exercises, on their own, are unlikely to be enough to demonstrate mature and practical cybersecurity capability.
// SECTORS COVERED BY NIS2 IN THE EU
Energy · Transport · Banking · Health · Water · Digital infrastructure · ICT services · Public administration · Space · Postal services · Waste management · Chemicals · Food · Manufacturing · Digital suppliers · Research
— NIS2 → PRACTICAL TRAINING
Every NIS2 requirement has a matching program.
25+ programs across 7 levels cover key areas related to NIS2 technical and operational requirements. Practical training: participants run real commands, resolve real incidents, and work on real systems — not multiple-choice tests.
CYBERIUM ARENA PROGRAMS
AREA RELATED TO NIS2
NX220 SOC Analyst (48h) · NX212 Windows Forensics (48h)
Incident management and response
ZX301 Penetration Testing (56h)
Security testing and vulnerability assessment
NX201 Network Research (40h) · ZX305 Network Security (48h)
Network monitoring and defence
NX229 Maximum Security
Crisis management and cyber exercises
NX215 Linux Forensics · NX216 Network Forensics
Digital forensics and evidence preservation
NX214 OSINT
OSINT and threat intelligence
CX401 Intro to ICS
ICS/SCADA security (critical infrastructure)
XE101 Intro to Cyber (32h) · XE103 Linux Fundamentals (40h)
Fundamentals for all employees
All programs are 100% practical: real terminals, real malware, and scenarios based on telemetry and evidence from real attacks.
Programs currently available with City & Guilds Assured certification
// INDIVIDUAL VERIFICATION
City & Guilds credentials can be verified individually through the unique URL included in each digital certificate.
· XE101 Intro to Cyber
· XE103 Linux Fundamentals
· XE105 Python Fundamentals
· NX201 Network Research
· NX212 Windows Forensics
· NX220 SOC Analyst
· ZX301 Penetration Testing
CX ICS/SCADA
ZX Offense
Offensive — Penetration Testing
​
NX Defense
Defensive — Network Research, Windows Forensics, SOC Analyst
XE Basics
Fundamentals — Cyber, Linux, Python
​
​
— DEMONSTRATE COMPLIANCE
Verifiable certifications.
City & Guilds
Selected ThinkCyber programs are available with City & Guilds Assured certification. Each issued credential can be verified individually through its own City & Guilds URL.
Assured.
// THE CLOSED LOOP
Specto+ detects → captures useful evidence for analysis → threats are turned into Cyberium scenarios → the team trains against realistic attacks → Detect → Assess → Train → Improve → Repeat
1U appliance · Fully air-gapped · No cloud dependency · Free forever · No limits · Launch Q3 2026 · Early access available
// MODULE 04
Phantom Bait
Internal deception assets designed to replicate trusted network nodes. Phantom Bait lures attackers and captures forensic evidence.
// MODULE 03
Anomalies
Custom rules. Detection of anomalous behaviour and baseline deviations.
// MODULE 02
Vulnerabilities & CVEs
CPE scanning. Inventory of known vulnerabilities in your infrastructure. No agents.
// MODULE 01
Active Attacks
Suricata IDS on a dedicated NIC. Real-time detection of intrusions, brute force, lateral movement, C2, and exfiltration.
— CONTINUOUS COMPLIANCE
Detect.
Assess.
Article 21 of NIS2 requires organisations to "assess the effectiveness of their cybersecurity risk-management measures". Specto+ helps close that loop: it detects real threats across the network, generates useful evidence for analysis, and enables findings to be turned into practical training scenarios.
Train.
Improve.
— PREPARATION ASSESSMENT
Does your organisation meet
NIS2 training-related requirements?
Do your SOC analysts train with real incident scenarios?
1.
When was the last practical cyber exercise completed by your team?
2.
Can you provide verifiable evidence of your team's competence to an auditor or customer?
3.
Do you currently have visibility into threats and malicious activity on your network?
4.
Request a free briefing session.
We will show you how your organisation can strengthen its readiness for NIS2-related requirements through practical training, verifiable certifications, and continuous capability improvement — using the same infrastructure trusted by CERT-IL, Microsoft, Israeli Police, and academies in 15+ countries.
MSPs & IT consultancies
Co-sell NIS2 training alongside your compliance services. Add certified cyber training to your offer.
CO-SELL WITH US →
Training centers & academies
Deliver NIS2 training to your corporate clients. White-label Cyberium Arena and build a new revenue stream.
BECOME A PARTNER →
— OTHER PATHS