Becoming a Cybersecurity Consultant

Becoming a Cybersecurity Consultant

A Cybersecurity Consultant should perform a varied number of tasks within an organization, no matter the industry they are performing in. Within CONCORDIA, based on a desk research followed by a market validation, we have identified a set of Knowledge and Skills a Cybersecurity Consultant should have [link]. The most important ones are depicted below.

To support people in preparing for a career as Cybersecurity Consultant we have developed a COURSE and a CERTIFICATION scheme.

The COURSE aims to help individuals acquire the knowledge and skills illustrated below. The Course is suitable also for individuals planning to follow a career in cybersecurity, including middle managers and executives.

After successfully passing the exam (consisting of two parts), the Certificate would stand as a proof an individual acquired a specific set of knowledge and developed specific skills.

The course is a joint effort of the following CONCORDIA partners:

The Course “Becoming a Cybersecurity Consultant” is structured in two parts (online and face-to-face) and is organized around 3 main learning objectives:

  1. Threats – Get updated on the existing and emerging cybersecurity threats, the assets possible to be impacted, and the latest models of attacks.
  2. Technology – Become knowledgeable about specific technological threats, learn how to anticipate and prevent them, while developing proactive management skills.
  3. Economics – Get an understanding of the economics behind cybersecurity activities within your organization. Learn about risk management and information security to protect the corporate reputation and preserve customer loyalty.

The online part of the course is designed to cover theoretical concepts a Cybersecurity Consultant (low-to-medium level) should know. It is structured in 4 modules (Cybersecurity Principles; Offensive Methods, Defensive Methods; Risk Management) and is proposed to be completed in about 3-4 weeks-time while allocating about 2-3 hours a week.

ModuleLesson CodeLesson titleLecturer(s) affiliationLearning Objective
IntroA0The Cybersecurity Consultant role profileTUVA (AT)
A-CYBERSECURITY PRINCIPLESA1CIA Triad and Security PrinciplesUniversity of Insubria (IT),
Industrial Systems Institute (GR)
LO1, LO2
A2Software Vulnerabilities: CVE, CVSS, and beyondUniversity of Milan (IT)LO1
A3Privacy Principles to Manage Risks Related to DataUniversity of Insubria (IT)LO1
A4Accountability as success factor in this Digital AgeArthur’s Legal (NL)LO1, LO2, LO3
A5Principles of Risk ManagementTUVA (AT)LO3
B-OFFENSIVE METHODSB1Attacks Capabilities and Attacks StagesIndustrial Systems Institute (GR)LO1
B2Emerging Security Issuees and Evolving AttacksUniversity of Milan (IT)LO1
B3Networks AttacksUniversity of Lorraine (FR)LO2
B4Internet Technologies: Definition, Principles and Top ThreatsUniversity of Lorraine (FR)LO2, LO3
C-DEFENSIVE METHODSC1The Security by design Principle Approaches and ParadigmsIndustrial Systems Institute (GR)LO1
C2Vulnerability Managemenet MethodsUniversity of Lorraine (FR)LO2, LO3
C3Network Protections MethodsUniversity of Lorraine (FR)LO2, LO3
C4OS/Application Protections MethodsBITDEFENDER (RO)LO2, LO3
C5Data Protection and SecurityUniversity of Zurich (CH)LO3
C6The SIM ApproachArthur’s Legal (NL)LO2, LO3
D-RISK MANAGEMENTD1Overview on Risk Assessment FrameworkUniversity of Zurich (CH)LO1, LO3
D2Risk Management with an Economic BiasUniversity of Zurich (CH)LO3
D3Non-conformity/non compliance perspectivesArthur’s Legal (NL)LO3
D4Digital SovereignityArthur’s Legal (NL)LO1, LO2, LO3

⇒ Access to the Course – online part on Coursera platform [link] – May 2021 session closed; October 2021 session closed – will be re-open in May 2022

⇒ Access to the presentations used in the online part [link] – restricted to the learners who followed the course and to those registered to the C3 by CONCORDIA Certification exam

The Face-to-Face/webinar part of the course is designed to build on the theoretical concepts covered in the online part by bringing into the discussion of the group different case studies while also involving the participants in hands-on exercises. The agenda of the 3 days module is structured as follows:

⇒ Access to the presentations of the Face-to-Face/webinar part [link] – restricted to the learners who followed the course and to those registered to the C3 by CONCORDIA Certification exam

The report on the pilot course could be consulted via [link]

The next Course will start in April 2022. The registration process is open and will be closed on April 15th. Link to the Registration form.

The C3 by CONCORDIA certification is addressed mainly to European cybersecurity professionals, cybersecurity middle managers and freelancers looking into having specific knowledge and skills validated via a certificate. For an overview of the knowledge and skills we consider a Cybersecurity Consultant should have, we invite you to check the specific page [link].

The Certification exam consists of two parts: a theoretical exam hosted on the ISOGRAD platform (proctored) for testing the top knowledge identified for the profile, and a practical exam hosted on the KYPO platform for testing some of the skills needed for the profile.

⇒ Access to the theoretical exam [link] – restricted to the learners registered to the C3 by CONCORDIA Certification exam

⇒ The Certification Proctor Manual for the theoretical exam [link]

⇒ Access to the practical exam [link] – restricted to the learners registered to the C3 by CONCORDIA Certification exam

The applicants to the C3 by CONCORDIA Certificate are strongly encouraged to adhere to the following Declaration of Honor [link].

The candidates to enter the C3 by CONCORDIA Certification are strongly encouraged to follow first the dedicated course “Becoming a Cybersecurity Consultant”. An overview of the Course and Certificate including the specific steps, prerequisites and timeline for the session scheduled in the first half of 2022 could be consulted at

A limited number of seats will be made available to cybersecurity professionals applying directly to the Certification exam without following the course. Those interested in sitting the C3 by CONCORDIA Certification exam should register no later than April 24th, 2022 via the form:

The C3 by CONCORDIA Certificate and the relevant assessment processes are implemented based on the C3 by CONCORDIA Certification Scheme (link).

“Becoming a Cybersecurity Consultant” – registration for the session May 2022

By filling-in this form you express your interest in attending the course “Becoming a Cybersecurity Consultant” organized by CONCORDIA project.

The Course aims at helping individuals acquire a set of knowledge and skills related to the Cybersecurity Consultant role profile, medium level. It is suitable for individuals planning to develop a career in cybersecurity, including middle managers and executives, and it is addressing the European market. To take full advantage of the content covered and be able to solve the short quizzes included in the course, the participants should have basic knowledge of data structures and algorithmic principles, regular expressions, database principles, shell scripting, networking principles, tools and architectures, operating systems basics, security controls, mechanisms and practice and risk management theories and methods.

The course “Becoming a cybersecurity consultant” is organized on two modules (online self-peace and live webinar) and it is offered as a support in preparing for taking the C3 by CONCORDIA Certification exam.

For information about the general structure of the course, it’s learning objectives, and the main knowledge and skills covered by the different modules, we invite you to check the page

An overview of the 2022 offer on Certification and preparatory course, including the prerequisites linked to each of the phases of these activities could be consulted at

The next session of the course is scheduled for April-May 2022 and it is offered free of charge. We will come back to you for the formal confirmation of your enrolment to the course by 15 April, at the latest. Before submitting your registration form, please check and acknowledge the timeline for the specific dates linked to the two modules of the course.