Training and Capacity Building Modules
This section presents the theoretical training courses developed within the SAND5G project, aimed at strengthening cybersecurity knowledge and skills across modern digital environments. These modules cover key topics such as threat awareness, intrusion detection, digital health security, and threat intelligence, providing participants with a solid conceptual foundation in cybersecurity.
Designed for a wide range of stakeholders, including operators, regulators, researchers, industry professionals, as well as the broader public, the courses focus on enhancing understanding of emerging threats, security tools, and best practices. Each module contributes to building capacity and supporting informed decision-making in securing next-generation networks and digital services.
All courses include a short quiz at the end, allowing participants to assess their understanding and reinforce the key concepts covered throughout the training.
Social Engineering Awareness Module
Understand how cybercriminals exploit human behavior, not technical flaws. This course covers common social engineering attacks – phishing, smishing, vishing, spear phishing, baiting, and physical intrusions – and the psychological tactics behind them, such as urgency, trust, fear, and guilt.
Learn practical defenses to protect yourself and your organization, including verifying requests, safeguarding personal information, recognizing warning signs, and following workplace security best practices. A short quiz at the end reinforces key concepts, helping participants become informed and alert – the strongest defense against social engineering threats.
HoneyPot Training – Understanding Cybersecurity Traps
This course introduces honeypots – decoy systems used to attract, detect, and analyze cyberattacks – helping participants better understand and respond to cybersecurity threats. It covers their purpose, types (from low- to high-interaction), and use in detecting attacks, gathering intelligence, and diverting threats from production systems. Through practical examples such as fake SSH login pages and malware-collecting honeypots, participants learn how honeypots are deployed, how data is collected, and how attacks are analyzed.
The course also highlights key advantages, including precise data collection, reduced false positives, and resource efficiency, while addressing limitations such as coverage gaps and legal or ethical considerations under the General Data Protection Regulation (GDPR). It presents deployment strategies for real-world scenarios, including defense against Distributed Denial of Service (DDoS) attacks, integration with Intrusion Detection and Prevention Systems (IDS/IPS), and advanced cyber deception techniques, and concludes with a short quiz to assess understanding.
Snort IDS Training – Intrusion Detection in Action
This course introduces Snort, an open-source Network Intrusion Detection System (NIDS) used to detect, analyze, and respond to cybersecurity threats in real time. It explains key intrusion detection principles, including monitoring network activity for unauthorized access and attacks on confidentiality, integrity, or availability. Participants learn how Snort functions as a packet sniffer, logger, and full IDS, analyzing traffic through rules, signatures, and plugins. Practical examples—such as detecting port scans, blocking malicious IPs, and identifying SQL injection attempts—demonstrate how Snort is configured and used in real-world scenarios.
The course highlights Snort’s advantages, including cost-effectiveness, flexibility, and integration with other tools, while addressing limitations such as configuration complexity, false positives, and the need for technical expertise. It also explores its ongoing evolution and concludes with a short quiz to assess understanding of its operation, rule creation, and defensive use.
NIS-2 Directive Regulatory Compliance
and Incident Reporting for 5G Operators
This course provides a clear and practical introduction to the NIS-2 Directive and its impact on 5G operators and digital service providers. Participants will gain an understanding of the expanded scope of NIS-2, including the distinction between essential and important entities, as well as the key cybersecurity obligations related to risk management, incident reporting, and compliance. The course explains how organisations can implement appropriate technical and organisational measures to protect their systems and ensure resilience against cyber threats.
It also explores incident notification requirements, supervisory mechanisms, and enforcement measures, highlighting the responsibilities of senior management and the potential consequences of non-compliance. A short quiz at the end of the course allows participants to assess their understanding of key concepts and practical requirements.
Analysis of cybersecurity measures under
NIS-2 Directive
This course provides a practical overview of cybersecurity measures under the NIS-2 Directive, focusing on how organisations can protect their network and information systems. It covers key areas such as risk management, secure configuration, vulnerability management, access control, and network security, offering guidance on implementing effective technical and organisational measures to strengthen resilience and ensure compliance with EU requirements.
The course also addresses incident response, business continuity, supply chain security, monitoring, and the use of cryptography, highlighting their role in a comprehensive cybersecurity strategy. Participants will gain the knowledge needed to assess and improve their organisation’s cybersecurity posture, with a short quiz at the end to test their understanding of key concepts.
