IWH Cyber Training
143 courses. 15 paths. Every department covered.
Industry-agnostic cyber security awareness training platform with full bilingual EN/EL support, audio narrations, department-specific training paths, and accessibility features. From IT staff to executive leadership — every role gets the training they actually need.
For maritime-specific training, see Maritime CSAWTP — purpose-built for shipping companies with Margetis Maritime.
At a Glance
The Human Factor
NIS2 mandates security awareness training for all essential and important entities — not just maritime, not just critical infrastructure. Generic annual presentations no longer satisfy regulators. Your people need role-specific, documented, verifiable training.
Regulatory Mandates
ISO 27001 (A.6.3), NIS2 (Article 21), GDPR (Article 32), and Greek Law 4624/2019 all require documented security awareness programmes. A spreadsheet and an annual presentation no longer satisfy auditors.
Every Department, Different Risks
Finance faces BEC and invoice fraud. HR handles sensitive personal data. IT manages privileged access. Legal navigates regulatory exposure. One-size-fits-all training wastes time and misses the threats that actually matter to each role.
Audit-Ready Evidence
Timestamped completion records, quiz scores, policy acknowledgements with IP/user-agent logging, and exportable compliance reports — the evidence auditors require, generated automatically as training is delivered.
Training Content Library
143 courses across 5 categories, covering every department and technical role. All content available in English and Greek with audio narrations.
Part A: Core Awareness — 27 Courses
Phishing, ransomware, social engineering, passwords, MFA, BYOD, WiFi security, physical security, data protection, GDPR, incident response, BCP/DR, supply chain, cloud, insider threats, BEC, IoT, remote work, governance, safe browsing, AI-era threats, cyber risk assessment, and regulatory compliance fundamentals.
Part B: IT & Privileged Users — 16 Courses
PAM, system hardening, patch management, SIEM operations, IAM, endpoint security, cloud administration, backup & recovery, incident response for IT, digital forensics awareness, email infrastructure, secrets & cryptography, DevOps/IaC security, database security, and change management.
Part C: Remote & Hybrid Workers — 12 Courses
Home office setup, home network security, VPN usage, public WiFi & travel security, device security, work/personal separation, cloud collaboration tools, video conferencing security, screen privacy, remote authentication, social engineering for remote workers, and remote incident reporting.
Part D: Factory & Industrial OT/ICS — 12 Courses
OT vs IT fundamentals, ICS/SCADA awareness, USB in industrial environments, physical access control, safety/security intersection, air-gapped networks, social engineering in OT, OT incident reporting, vendor access management, OT authentication, OT patching, and cyber resilience for industrial operations.
Part E: Business Departments — 74 Courses
Targeted training for 8 departments, each with role-specific threat scenarios and compliance requirements.
Finance
FIN-01 to FIN-08 · 8 courses
Procurement
PROC-01 to PROC-08 · 8 courses
Management
MGMT-01 to MGMT-10 · 10 courses
HR
HR-01 to HR-09 · 9 courses
Sales & Marketing
SM-01 to SM-09 · 9 courses
Legal & Compliance
LEG-01 to LEG-11 · 11 courses
Customer Service
CS-01 to CS-08 · 8 courses
Executive Leadership
EXEC-01 to EXEC-11 · 11 courses
Department-Specific Training Paths
15 pre-configured training paths plus 3 AI-focused paths in development. Each path groups relevant courses for a specific role or department. New employees are automatically enrolled on the default onboarding path.
Core Awareness
Comprehensive baseline for all employees. Automatically assigned to new joiners.
IT & Privileged Users
Advanced: PAM, SIEM, hardening, forensics, DevOps security, endpoint management.
Remote & Hybrid Workers
Home office, VPN, travel security, device management, remote incident reporting.
Factory & Industrial OT/ICS
ICS/SCADA, OT patching, air-gapped networks, physical access, vendor management.
Finance
BEC, invoice fraud, financial data handling, payment system security.
Procurement & Vendors
Third-party risk, vendor assessment, supply chain attacks, contract security.
Management & Executives
Strategic view: risk governance, business continuity, regulatory obligations.
HR
Employee data protection, onboarding/offboarding, insider threat awareness.
Sales & Marketing
CRM data security, social engineering, brand impersonation, client data handling.
Legal & Compliance
GDPR, NIS2, e-discovery, legal hold, privilege and confidentiality.
Customer Service
Social engineering defence, caller verification, data handling during support.
Executive Leadership
Board-level cyber risk, CEO fraud, strategic incident management, liability.
AI Agent Compliance
Governing AI agents in the workplace, prompt injection, data leakage prevention.
AI Handlers & Operators
Safe use of AI tools, output validation, sensitive data in prompts.
AI Developers & Prompt Engineers
Secure AI development, model security, adversarial testing, AI supply chain.
Audio Narrations & Accessibility
Every lesson can be listened to, not just read. Full accessibility features ensure no one is left behind.
Greek Audio Narrations
829 Greek MP3 narrations using Microsoft Edge TTS (el-GR-AthinaNeural voice). Text-highlight synchronisation via data-hl attributes — the spoken word highlights in the lesson as the narration plays.
Full Bilingual EN/EL
859 i18n keys per language covering the complete interface. All courses, lessons, questions, policies, and training paths have bilingual content columns. Learners choose their preferred language at login.
Accessibility Widget
Font size control (normal/large/x-large), high contrast mode, link highlighting — all persisted to localStorage. English narrations (en-GB-SoniaNeural) currently in progress.
Platform Features
Enterprise-grade LMS capabilities built for security awareness training, not adapted from generic courseware.
Quiz Engine
Multiple choice, true/false, and scenario-based questions. Configurable pass percentage, retakes with cooldown, randomisation from a 3x question pool. Final certification exam gating all coursework.
Policy Management
11 version-controlled compliance policies with timestamped acknowledgements. IP address and user-agent recorded per acknowledgement for non-repudiation. Automatic re-acknowledgement on version updates.
Certificate Generation
PDF certificates via WeasyPrint + Jinja2 templates. A4 landscape, customisable per-tenant branding. Final exam completion required for certification — 30 questions, 80% pass threshold.
Multi-Tenant Architecture
Row-level tenant isolation with feature flags (JSONB). Course tenant scoping (all/selected), per-tenant training path customisation, and plan tiers (standard/professional/enterprise).
Reporting & Analytics
Overview, courses, users, and departments tabs. CSV export, scheduled reports (daily/weekly/monthly). Time-spent tracking per lesson and per assignment.
Background Automation
Overdue assignment detection, scheduled report generation, daily database backups, and automatic cleanup — all via APScheduler cron jobs running inside the container.
Role-Based Access Control
Six distinct roles with principle of least privilege. From platform-level operators to individual learners, every user sees only what they need.
Platform Level
Super Admin
Full platform access across all tenants. Creates global training content, manages tenants, users, and certificate templates.
Platform Level
Super Auditor
Read-only access to all admin data, cross-tenant reports, and certificate template management. For platform-level compliance oversight.
Tenant Level
Tenant Admin
Full management of their own tenant: users, training modules, policies, assignments, and reports. Cannot access other tenants.
Tenant Level
Auditor
Read-only dashboard, user list, and reports within their own tenant. Can edit user profiles for compliance officers.
Tenant Level
Manager
Content management within their tenant: modules, lessons, policies, training paths, and assignments. For department heads and HR.
Learner Portal
Learner
Access to assigned courses, quizzes, policy acknowledgements, and personal certificates. Designed for simplicity across all proficiency levels.
Compliance Framework Mapping
Every course maps to specific regulatory requirements. CSAWTP provides the documented evidence that satisfies auditors across multiple frameworks simultaneously.
| Framework | Requirement | How IWH Cyber Training Addresses It |
|---|---|---|
| ISO 27001:2022 | A.6.3 — Information Security Awareness | 143 courses with tracked completion, quiz scores, and certificates |
| ISO 27001:2022 | A.7.2-7.3 — Terms & Conditions of Employment | Policy acknowledgements with timestamped, non-repudiable records |
| NIS2 Directive | Article 21 — Cybersecurity Risk Management | Role-specific training paths, department-targeted content, evidence export |
| GDPR | Article 32 — Security of Processing | Data protection and privacy modules, staff awareness documentation |
| GDPR | Article 39 — Tasks of the DPO | Legal & Compliance training path with GDPR-specific courses |
| Greek Law 4624/2019 | National GDPR Implementation | Bilingual Greek content, Greek audio narrations, localised compliance |
Technical Architecture
Modern, containerised stack. No vendor lock-in, no proprietary formats. Your data stays on your infrastructure.
React 18
Frontend + TypeScript
FastAPI
Backend + async
PostgreSQL 16
Database
Alembic
Migrations
Docker
Deployment
JWT + MFA
Authentication
WeasyPrint
PDF Certificates
APScheduler
Background Jobs
TipTap
Rich Text Editor
react-i18next
Internationalisation
IWH Cyber Training vs Maritime CSAWTP
Same proven platform, dramatically expanded. The general version extends the maritime foundation with 5x more content and features built for every industry.
| Capability | IWH Cyber Training | Maritime CSAWTP |
|---|---|---|
| Courses | 143 | 27 |
| Lessons | 877 | 193 |
| Training Paths | 15 + 3 AI (coming soon) | 7 |
| Language | Bilingual EN/EL | English only |
| Audio Narrations | 829 Greek + English in progress | Not available |
| Department Tracks | 8 departments (Finance, HR, Legal, etc.) | Maritime focus (Shore, Vessel, Bridge) |
| Accessibility Widget | Font size, contrast, link highlights | Not available |
| Course Cloning | Single + multi clone modes | Not available |
| Self-Service Restart | Learners can reset completed courses | Not available |
| Target Industry | All industries | Maritime / Shipping |
Need maritime-specific content with IMO MSC-FAL.1/Circ.3 alignment? See Maritime CSAWTP, developed in partnership with Margetis Maritime.
Ready to build a security-aware workforce?
143 courses, 15 department-specific paths, full bilingual support. Request a demo to see IWH Cyber Training in action.
Request a Demo