Direct links from the subject.
| Property | Value |
|---|---|
|
The subject is an instance of a class. |
|
|
The subject is an instance of a class. |
An idea or notion; a unit of thought. |
|
A human-readable name for the subject. |
PR.AT-01.1: The organisation shall establish and maintain a cybersecurity awareness and training programme to ensure that all personnel understand how to perform their tasks securely and responsibly. |
|
PR.AT-01.1 |
|
|
http://cyfun.data.gift/data/loc_CyFun2025_Booklet_IMPORTANT_E_p74 |
|
|
http://cyfun.data.gift/data/loc_CyFun2025_Booklet_BASIC_E_p32 |
|
|
http://cyfun.data.gift/data/loc_CyFun2025_Booklet_ESSENTIAL_E_p104 |
|
|
Relates a concept to a concept that is more general in meaning. |
|
|
A general note, for any purpose. |
<div><p>The goal of control PR.AT-01.1 is to ensure everyone in the organisation understands how to work securely by providing regular, clear, and practical cybersecurity training that reduces human risk and supports safe behaviour in both IT and OT environments. To achieve this goal, the following should be considered:</p><ul><li>Basic Training Should Be Provided to All Cybersecurity awareness training should be given to all employees, contractors, partners, and suppliers, including those in Operational Technology (OT) environments.</li><li>Training Should Cover Common Threats Topics such as phishing, weak passwords, social engineering, and OT-specific risks (e.g. USB misuse, remote access threats) should be included.</li><li>Training Should Start Early and Be Repeated Regularly Training should be provided during onboarding and refreshed at least annually. Ongoing updates and reminders should reinforce key messages.</li><li>Multiple Channels Should Be Used Awareness should be raised through structured sessions, campaigns, posters, newsletters, and interactive tools.</li><li>Consequences of Non-Compliance Should Be Explained The impact of violating cybersecurity policies should be clearly communicated, both for individuals and the organisation.</li><li>Training Should Align with Policies and Best Practices Content should reflect internal cybersecurity policies, expected behaviours, and protection measures. Recognised frameworks like ENISA’s AR-in-a-Box should guide programme design.</li><li>OT-Specific Risks Should Be Addressed Training should be tailored to include the unique responsibilities and risks faced by personnel working with industrial control systems and other OT assets.</li><li>Content Should Be Kept Up to Date Training materials should be regularly reviewed and updated to reflect new threats and lessons learned from incidents.</li></ul></div> |
|
A general note, for any purpose. |
The goal of control PR.AT-01.1 is to ensure everyone in the organisation understands how to work securely by providing regular, clear, and practical cybersecurity training that reduces human risk and supports safe behaviour in both IT and OT environments. To achieve this goal, the following should be considered: - Basic Training Should Be Provided to All Cybersecurity awareness training should be given to all employees, contractors, partners, and suppliers, including those in Operational Technology (OT) environments. - Training Should Cover Common Threats Topics such as phishing, weak passwords, social engineering, and OT-specific risks (e.g. USB misuse, remote access threats) should be included. - Training Should Start Early and Be Repeated Regularly Training should be provided during onboarding and refreshed at least annually. Ongoing updates and reminders should reinforce key messages. - Multiple Channels Should Be Used Awareness should be raised through structured sessions, campaigns, posters, newsletters, and interactive tools. - Consequences of Non-Compliance Should Be Explained The impact of violating cybersecurity policies should be clearly communicated, both for individuals and the organisation. - Training Should Align with Policies and Best Practices Content should reflect internal cybersecurity policies, expected behaviours, and protection measures. Recognised frameworks like ENISA’s AR-in-a-Box should guide programme design. - OT-Specific Risks Should Be Addressed Training should be tailored to include the unique responsibilities and risks faced by personnel working with industrial control systems and other OT assets. - Content Should Be Kept Up to Date Training materials should be regularly reviewed and updated to reflect new threats and lessons learned from incidents. |
|
A general note, for any purpose. |
The goal of control PR.AT-01.1 is to ensure everyone in the organisation understands how to work securely by providing regular, clear, and practical cybersecurity training that reduces human risk and supports safe behaviour in both IT and OT environments. To achieve this goal, the following should be considered: • Basic Training Should Be Provided to All Cybersecurity awareness training should be given to all employees, contractors, partners, and suppliers, including those in Operational Technology (OT) environments. • Training Should Cover Common Threats Topics such as phishing, weak passwords, social engineering, and OT-specific risks (e.g. USB misuse, remote access threats) should be included. • Training Should Start Early and Be Repeated Regularly Training should be provided during onboarding and refreshed at least annually. Ongoing updates and reminders should reinforce key messages. • Multiple Channels Should Be Used Awareness should be raised through structured sessions, campaigns, posters, newsletters, and interactive tools. • Consequences of Non-Compliance Should Be Explained The impact of violating cybersecurity policies should be clearly communicated, both for individuals and the organisation. • Training Should Align with Policies and Best Practices Content should reflect internal cybersecurity policies, expected behaviours, and protection measures. Recognised frameworks like ENISA’s AR-in-a-Box should guide programme design. • OT-Specific Risks Should Be Addressed Training should be tailored to include the unique responsibilities and risks faced by personnel working with industrial control systems and other OT assets. • Content Should Be Kept Up to Date Training materials should be regularly reviewed and updated to reflect new threats and lessons learned from incidents. |
|
A general note, for any purpose. |
The goal of control PR.AT-01.1 is to ensure everyone in the organisation understands how to work securely by providing regular, clear, and practical cybersecurity training that reduces human risk and supports safe behaviour in both IT and OT environments. To achieve this goal, the following should be considered: - Basic Training Should Be Provided to All Cybersecurity awareness training should be given to all employees, contractors, partners, and suppliers, including those in Operational Technology (OT) environments. - Training Should Cover Common Threats Topics such as phishing, weak passwords, social engineering, and OT-specific risks (e.g. USB misuse, remote access threats) should be included. - Training Should Start Early and Be Repeated Regularly Training should be provided during onboarding and refreshed at least annually. Ongoing updates and reminders should reinforce key messages. - Multiple Channels Should Be Used Awareness should be raised through structured sessions, campaigns, posters, newsletters, and interactive tools. - Consequences of Non-Compliance Should Be Explained The impact of violating cybersecurity policies should be clearly communicated, both for individuals and the organisation. - Training Should Align with Policies and Best Practices Content should reflect internal cybersecurity policies, expected behaviours, and protection measures. Recognised frameworks like ENISA’s AR-in-a-Box should guide programme design. - OT-Specific Risks Should Be Addressed Training should be tailored to include the unique responsibilities and risks faced by personnel working with industrial control systems and other OT assets. - Content Should Be Kept Up to Date Training materials should be regularly reviewed and updated to reflect new threats and lessons learned from incidents. |
|
A notation, also known as classification code, is a string of characters such as "T58.5" or "303.4833" used to uniquely identify a concept within the scope of a given concept scheme. |
PR.AT-01.1 |
|
skos:prefLabel, skos:altLabel and skos:hiddenLabel are pairwise disjoint properties. |
Cybersecurity awareness and training programme |
|
A resource has no more than one value of skos:prefLabel per language tag, and no more than one value of skos:prefLabel without language tag. |
The organisation shall establish and maintain a cybersecurity awareness and training programme to ensure that all personnel understand how to perform their tasks securely and responsibly. |
|
Relates a resource (for example a concept) to a concept scheme in which it is included. |
|
|
Relates a resource (for example a concept) to a concept scheme in which it is included. |
|
|
Relates a resource (for example a concept) to a concept scheme in which it is included. |
|
|
Relates a resource (for example a concept) to a concept scheme in which it is included. |
|
|
Relates a resource (for example a concept) to a concept scheme in which it is included. |
|
|
The number of triples associated with the subject. |
21 |
|
Specifies the dataset the subject is part of. |
Resultaten 1 - 23 of 23
Inverse links to the subject.
| Property | Subject |
|---|---|
|
Relates a concept to a concept that is more specific in meaning. |
Resultaten 1 - 1 of 1