Cybersecurity Training Course

Ransomware Crisis Management

A hands-on training course

A Tabletop Exercise That Puts You Inside the Crisis - Before the Real One Arrives

—  —  —

Reading about a cybersecurity crisis is not the same as acting in one. This training is built on a single conviction: the moment of a real crisis is the worst possible time to discover your deficiencies.

The EU-funded CADMUS project (https://cadmus-project.eu/), aiming to address the cybersecurity expertise shortage in Europe, organizes a training course that focuses on ransomware, one of the most critical challenges in today's digital landscape. Ransomware incidents affect public authorities, businesses, universities, hospitals, and individuals alike. They can interrupt critical services, create financial losses, expose sensitive data, and put strong pressure on organizations to make difficult decisions very quickly.

Who can attend?

- Early-Career Cybersecurity Practitioners: Building towards incident responder, CISO, or compliance roles and seeking realistic, consequence-driven scenario practice.

- Public Servants and Managers: IT managers, DPOs, compliance officers, and public sector staff responsible for cybersecurity risk, data protection, or service continuity.

- No technical expertise is required. A basic awareness of IT systems is sufficient to participate.

Why participate?

By joining this training, you will have the opportunity to:

•     Safely Experience a Full Ransomware Lifecycle

—

Using MITRE ATT&CK, experience the progression from Initial Access to Ransom Demand and Data Exfiltration through Privilege Escalation and Lateral Movement, without real-world consequences.

•     Take The Lead on Decisions That Matter

—

Pay the ransom or follow ENISA guidance?
Accept institutional assistance knowing it triggers info-sharing obligations?
A limited budget and a ticking clock require justified decisions!

•     Build a Recognised Skill Toolkit

—

Skills are mapped to the EU Cybersecurity Skills Framework (ECSF)

—

Participants receive a completion record documenting the competencies practised, suitable for CPD portfolios and training records.

How to participate?

Participation is free of charge. Places are available on a rolling basis.

Register your participation through the designated link through by 29 April 2026.

Detailed information about the course will be sent after registration.

The course follows a flexible structure and has a total duration of approximately 4–6 hours, combining self-paced preparation, a Tabletop exercise delivered either in situ or online, practical deliverables, and a short knowledge-check and debrief component.

What to bring?

•     Your curiosity

No prior incident response experience is required to participate.

•     No device needed

For in-situ sessions all required materials are provided by the instructor.

•     Optional preparation

A short pre-session baseline quiz is available. Completing it helps tailor the experience to the participant’s level.