Cybersecurity Professional

Acquire the fundamental knowledge of cybersecurity concepts and best practices required to operate and maintain a cybersecurity programme and framework.

Upcoming dates

Guaranteed dates.
Live, real-time training. Interaction with the instructor and the group.

26-Mar: Live Online • discounted edition
8-May: Live Online • base price
Duration: 2 days / 16h
Language: available in PT or ENG
Training: hands-on and case-study-based
Exam: 2h
SPECIALIST level – Advanced skills to address critical challenges in the field.

Why this course exists

To turn practices and requirements into structured decision-making and operational control.

Many organisations invest in technology, yet continue to fail at translating between technical risk, business impact and governance decision-making.
This course prepares professionals to structure cybersecurity with method, a common language, and decision capability.

What this course enables you to do

Structure

Organise cybersecurity by risk, controls, and executable priorities.

Translate

Convert technical risk into impact and language that management can understand.

Demonstrate

Support decisions and evidence in audit and compliance contexts.

Operationalise

Apply best practices and decision mechanisms in real scenarios.

Frameworks, models and structures covered throughout the course

Applicable frameworks
Risk models
Decision structures
Control examples
Practical cases
Adaptable templates

Value for the organisation

  • Reduced operational and reputational risk through more consistent control
  • Improved maturity (decision-making, prioritisation, evidence and governance)
  • Alignment between technical teams and management
  • Preparation for audits and applicable regulatory requirements

Introduction

The Cybersecurity Professional course is based on the most recent cybersecurity structures, including ISO/IEC 27001, ISO/IEC 27103 and NIST CSF 1.1 and 2.0. The course provides an overview of the latest legal and regulatory requirements and other well-known structures and legislative frameworks, such as: the NIS vs. NIS 2 Directives (NIS2 being the Directive on measures for a high common level of cybersecurity across the European Union, focusing on critical infrastructure); the Digital Operational Resilience Act (DORA), which aims to strengthen the IT security of financial entities; the Cyber Resilience Act (CRA), which adds cybersecurity to the criteria for obtaining the CE marking; the eIDAS Regulation, the regulation on electronic identification and trust services for electronic transactions in the internal market, including the Wallet regulation; and the proposal for an Artificial Intelligence Act.

The course follows a case-study approach adapted to real contexts so that participants are better prepared to apply concepts related to the latest cybersecurity practices in a real-world scenario. This course prepares participants to support the establishment and operation of a cybersecurity programme based on the most recent cybersecurity structures, provides fundamental knowledge of audit concepts, principles and best practices for auditing a cybersecurity programme, and gives an overview of the new EU Cybersecurity Certification programme.

The course prepares participants for the Certified Cybersecurity Professional certification. This certification has been developed and is maintained in accordance with the requirements of the international standard ISO/IEC 17024.

This course enables participants to acquire the fundamental knowledge and skills to operate and maintain a cybersecurity programme and framework based on the latest and recognised international best practices. The course covers the fundamental cybersecurity concepts and principles; cybersecurity frameworks and best practices; related legislation and regulations for governments and organisations; cybersecurity control best practices; and the components, operation and maintenance of a cybersecurity programme. The course presents a proposed approach to cybersecurity, designed and supported by international best practices, covers the fundamental concepts and principles for auditing a cybersecurity programme and framework, and finally includes an overview of the new EU Cybersecurity Certification.

The frameworks, regulations and legislation covered during the course include an overview of practices such as (but not limited to) ISO (ISO/IEC 27001, ISO/IEC 27032, ISO/IEC 27103), NIST (CSF 1.1 vs. 2.0), ENISA-EU (NIS vs. NIS 2, Cybersecurity Act, DORA, eIDAS, among others), ISACA, AXELOS and CIS Controls, as well as others relevant to the role of the Cybersecurity Professional.

This Training Plan and all associated documents are protected by Copyright and registered as a literary work with IGAC.

General Objectives

By the end of this course, students will be able to:

  • Understand the fundamental principles and concepts related to cybersecurity, and identify and understand current cybersecurity frameworks that can be used to support the implementation of a cybersecurity programme.
  • Apply mechanisms to operationalise a cybersecurity programme and framework, in order to support its implementation and maintenance.
  • Perform a cybersecurity risk assessment and identify and apply cybersecurity controls to mitigate risks and prevent incidents.
  • Understand the fundamental audit concepts and principles to support the audit of a cybersecurity programme and framework.
  • Have an overview of the new EU cybersecurity certification scheme.
  • Possess the necessary knowledge to successfully take the “BEHAVIOUR Certified Cybersecurity Professional” certification exam and obtain a personal certification.

Target Audience

  • Information Security and Cybersecurity professionals who need to consolidate foundations and best practices.
  • Consultants and auditors (or future auditors) who require a common language, structure and evidence for compliance contexts.
  • IT/management professionals responsible for supporting the operation and maintenance of a cybersecurity programme/framework.

Prerequisites

There are no mandatory formal prerequisites. However, this course is recommended for professionals with basic knowledge of information systems, networks, security, or organisational technology contexts.

It is particularly suitable for those who want to structure a solid and practical view of cybersecurity, integrating technical concepts, risk and applicable best practices in a professional environment.

Additionally, other specific requirements may apply, where relevant, depending on the quotation/proposal presented (please refer to the proposal).

Programme

Fundamental concepts; frameworks and controls
  • Course introduction
  • Fundamental cybersecurity concepts and principles
  • Fundamental concepts and introduction to cybersecurity frameworks
  • Cybersecurity frameworks and recent best practices
  • Cybersecurity legislation and regulation for government bodies and organisations
  • Cybersecurity control best practices

Operation and maintenance; audit; EU certification
  • Components and functions of a cybersecurity framework
  • Introduction and approach to implementing a cybersecurity programme
  • Implement, operate and maintain a cybersecurity framework as part of a cybersecurity programme
  • Introduction to audit concepts, principles and best practices for auditing a cybersecurity programme
  • Overview of the new EU Cybersecurity Certification

Exam(s) and Certification

“Certified Cybersecurity Professional (CSP)” exam

The “Certified Cybersecurity Professional (CSP)” exam covers the following competence domains:

  • Domain 1: Fundamental cybersecurity concepts and principles
  • Domain 2: Cybersecurity frameworks and controls
  • Domain 3: Components, operation and maintenance of a cybersecurity programme
  • Domain 4: Fundamental concepts and principles for a cybersecurity audit

Language(s): Portuguese and English (contact BEHAVIOUR for availability in other languages).
Duration: 2 hours (120 minutes).
Exam type: Open-ended questions based on a case study and related to the competence domains.
Scoring: 6 questions.
Passing score: 700/1000 points.
Results: “Pass or Fail”
Retake: 1 free retake within 1 year after the initial exam.

Certification (levels and requirements)

After successfully completing the certification exam, and signing the contract/code of ethics, candidates may apply for one of the two levels available under this people certification scheme, depending on their level of experience.

  • Certified Associate Cybersecurity Professional: no prior experience is required.
  • Certified Cybersecurity Professional: 2 years of experience in information security and/or cybersecurity in the related competence domains.

A Certificate and a digital Certification Badge (i.e., “badge”) will be issued to participants who successfully complete the certification exam and meet all requirements for the certification level they apply for.

The “Certified Cybersecurity Professional” people certification programme was designed and is maintained in accordance with the ISO/IEC 17024 standard.

Certification programmes are valid only for individuals (not companies), and certification and maintenance depend on the exam result, professional experience, and the commitment to and compliance with the contract/code of ethics. If the professional does not comply with the contract/code of ethics, certification is not granted or is revoked.

Other Information

General Information
  • Training delivered in Portuguese or English
  • Training materials for online delivery in Portuguese or English, with online access, and according to the awarded conditions
  • Behaviour digital Training Attendance Certificate with 16 CPD/CPE credits
  • Online Certification Exam in Portuguese or English. The exam can be taken up to 2 months from the course start date
  • If the candidate does not pass the exam, they are entitled to one free retake within a maximum period of 2 months from the date the initial exam grade is released
  • Digital Certification Diploma and digital Certification Badge, after successfully passing the exam and completing the application process. This process has no associated cost

Instructor(s)

Our professionals are recognised in cybersecurity and include specialists, consultants and auditors with several years of experience in consulting, implementation, auditing and cybersecurity training, and in various related regulations and legislation worldwide, including NIST cybersecurity frameworks, ISO/IEC 27001, ISO 22301, COBIT and CIS, among many others.

Some of our specialists work directly on improving these practices through their participation in the specific committees responsible for them in various countries.

Benefits

  • The Cybersecurity Professional course is based on BEHAVIOUR’s pedagogical model and on a certification programme in accordance with the ISO/IEC 17024 standard, which defines the requirements for the certification of persons, in line with ISO recommendations.
  • The Cybersecurity Professional course is oriented towards the acquisition of knowledge of best practices for operating, supporting, and maintaining a cybersecurity programme and framework within an organisation.
  • The course enables participants to acquire a common understanding of concepts, definitions, threats, and best practices related to cybersecurity in an organisational context.
  • The participant, and consequently the organisation, will be better prepared to deal with potential threats and attacks that may affect the organisation’s objectives.
  • The participant will be better able to support the implementation of a cybersecurity programme and framework within the organisation.
  • The organisation will be able to implement a baseline of critical controls to address challenges and threats associated with cyberspace.
  • The certification exam is monitored by an official BEHAVIOUR administrator.
  • The Cybersecurity Professional certification exam is taken after the course and consists of open-ended/development questions based on a case study.
  • Upon passing the exam and after applying for certification, the professional attains one of the certification levels. If the candidate does not pass the exam, they are entitled to one free retake within a maximum period of two months.

Logistics

Useful information
  • Live Online (synchronous delivery): 9:30–17:30 (Lisbon, GMT 0), including a lunch break and short intervals.
  • On-site / In-person (synchronous delivery): 9:30–17:30 (Lisbon, GMT 0), including a lunch break and short intervals.
  • Duration: 16 hours of synchronous sessions + 2 hours of guided self-paced work (exercises and content consolidation).
  • Requirements: computer with a stable internet connection, web browser, PDF reader, and audio/video capability.

Hotels – Lisbon

Find out where to stay in Lisbon, near Behaviour, for in-person training.

Registration

Fill in the form to register for the edition you want. Check the upcoming dates.


Request more information

If you need to frame the course for your context (professional or organisational), contact us and we will indicate the appropriate pathway.

Companies: request a proposal

For team registrations, we provide volume conditions and a proposal tailored to organisational needs.