COURSE OVERVIEW

Cybersecurity Need-to-Know for NRAs – Security Essentials, Legal Aspects and Economics
  

This course, designed by leading experts, offers inspiring and hands-on learning journeys in cybersecurity.

Tailored specifically for management-level staff at National Regulatory Authorities (NRAs), it addresses both technical and strategic dimensions of cybersecurity, ensuring a comprehensive understanding of threats, risks, and regulatory responses.

The program blends expert talks, real-life scenarios, group work, and interactive exercises to sharpen resilience against evolving cyber threats.


28-29 April 2026, Brussels

ONSITE
Write your awesome label here.

Benefits of the Course

Who should
attend

• Management-level NRA staff keen on enhancing their cybersecurity knowledge.

• Professionals involved in the technical or legal aspects of cybersecurity within NRAs.

Valuable insights

Through practical sessions and expert insights, the training will explore:

  • Legal and regulatory responsibilities of NRAs

  • Economic impacts and investment considerations in cybersecurity

  • Lessons learned from real-world cases and expert discussions

  • European best practices and cross-border cooperation



Key take-aways

  • Why cybersecurity is a strategic priority for NRAs

  • Core cybersecurity concepts and risk management basics

  • Practical regulatory perspectives on cyber threats

  • Peer exchange and hands-on learning experience

Practical Infos

What's included?

  • CEER Academy Certificate 
  • Real life case studies
  • Hands-on assignments
  • Access to rich materials
  • Group work activities

Fees & Details

  • Format: Onsite
  • Preparation hours: 6
  • Days of training: 2
  • Training hours: 14
  • LEVEL: B
  • Course fees:
    €1,200 or 2,5 training credits for members;
    €1,500 for non-members
  • Language: English
  • Scholarship and reduced fees (see conditions)
  • Cancellation policy (see conditions)

Location

CEER Premises
Cours Saint-Michel 30a/F, 1040 Brussel – Bruxelles


Registration Deadline

22 April 2025
Achieve you goals

Course Context

Continuing a tradition started in 2016, CEER welcomes staff from NRAs interested in cybersecurity from technical, legal or strategic angles to its annual cybersecurity training in Brussels. The 2026 edition focuses on technical, legal and economic aspects of cybersecurity and why it matters for NRAs. On the first day, participants will explore state of the art cybersecurity techniques and threats through interactive sessions. The second day will focus on legal aspects of cybersecurity and their implementation as well as practical economic aspects. The training also offers rich opportunities for networking and peer exchange, with informal moments like a Belgian beer tasting and a networking dinner.

Write your awesome label here.

Course Outline

Week 1 (20–24 April 2026)
Reading Material proposed by experts (if any).

 Week 2 – In-person training in Brussels

Day 1 – Theme: NRAs toolbox and why NRAs should use it. The day features expert sessions on why NRAs should think about cybersecurity and technical insights as well as how modern attacks may be treated. Through interactive sessions and a cybersecurity game, participants will internalize and apply the contents of the day. The day closes with a networking opportunity. 

 Day 2 :
 Theme: Legal and Economic Aspects of cybersecurity. The second day focuses on the implementation of cybersecurity legislation and topics related to financing and other economic aspects. Each topic will be deepened by panel discussion with the experts.

COURSE DIRECTOR

Øyvind Toftegaard 

Øyvind Toftegaard is a senior adviser on cybersecurity at the Norwegian Energy Regulatory Authority, and he is Co-chairing the Cybersecurity Workstream of the Council of European Energy Regulators. Øyvind holds a PhD from 2024 on regulatory strategies for a resilient smart grid and he is a part time researcher in the Critical Infrastructure Security and Resilience Research Group at the Norwegian University of Science and Technology. Previously, Øyvind has been a cybersecurity analyst at the Central Bank of Norway, and he has been an officer in the Norwegian Armed Forces. As security adviser, he has been involved with the development of cybersecurity legislation on both national and EU levels, he provides cybersecurity guidance to the energy sector in Norway and Europe, and he audits cybersecurity compliance of Norwegian energy entities. As a researcher, Øyvind also regularly publishes research papers on energy, policy, and security related topics. 
Patrick Jones - Course author
COURSE DIRECTOR

Philippe Mahler 

Dr. Philippe Mahler is a recognized expert at the crossroads of economics and cybersecurity, with deep expertise in digitalization processes. He studied economics at the Universities of Berne and Lund and earned a PhD in applied microeconometrics from the University of Zurich.   His career includes consulting roles at Plaut Economics and Polynomics, where he developed strong expertise in economic analysis and strategic policy advice. At the Swiss Federal Electricity Commission (ElCom), he served as a specialist and later as Deputy Head of the Networks and Europe section, focusing in particular on the economic dimensions of cybersecurity. Today, as Head of ElCom's Data Analysis and Cybersecurity division, Dr. Mahler leads the ongoing development and implementation of cybersecurity strategies, combining regulatory insight with a deep understanding of technical and economic challenges.
Patrick Jones - Course author
COURSE DIRECTOR

Nicolas Sciboz 

Nicolas Sciboz is a cybersecurity expert with over 15 years of experience in critical infrastructure protection, risk analysis, and IT security architecture. At the Swiss Federal Electricity Commission (ElCom), he contributes to the oversight of cybersecurity compliance in Switzerland’s energy sector and collaborates with the National Cyber Security Centre (NCSC) and international partners on sector-wide security initiatives.   His career spans public administration, military cyber defense, and the private sector, with former roles including CISO at Liebherr Machines Bulle SA and Head of IT Infrastructure & CISO at the Swiss National Science Foundation. He brings deep expertise in implementing cybersecurity frameworks, conducting risk assessments, and aligning organisations with ISO/IEC 27001 standards.   Nicolas is an advocate for cyber resilience and actively contributes to cybersecurity training initiatives in the energy sector, promoting best practices and fostering cross-border cooperation.

Patrick Jones - Course author

Your contact

Rasha Zeina
Training & Programme Coordinator 

rasha.zeina@ceer.eu

Created with