IT EN
Client Portal →
sales@10punto10.eu · 02 87176855
Security Awareness · Managed service

The most expensive firewall
won't stop the employee's
wrong click.

90% of attacks start from human error. Continuous staff training is no longer optional: NIS2 makes it mandatory. We make it simple.

Activate training → Why it matters
NIS2 Art. 21 Phishing simulation 3 platforms, 1 partner Powered by NEXUS

The human factor
is the #1 risk

You can have the best firewall, the most advanced EDR, a perfectly segmented network. But if an employee clicks a phishing link, none of that matters. 91% of cyber attacks start with an email. And 74% of breaches involve the human factor.

NIS2 (Art. 21, paragraph 2, letter g) requires companies to train staff on cybersecurity. Not as a one-off, but continuously and measurably. 10punto10 selects the right platform for your company, configures it, monitors results on NEXUS and guides you toward compliance.

91%
Of cyber attacks start with a phishing email
NIS2
Art. 21: mandatory training for staff and executives
74%
Of breaches involve human error (Verizon DBIR 2024)
3x
Reduction in phishing clicks after 6 months of training

How the service works

We don't just sell you a platform. We design the training path, activate it, measure results and improve it over time. You don't have to manage anything.

01

Initial assessment

We assess your company's awareness level with a controlled phishing simulation campaign. We measure who clicks, who reports, who ignores. This tells us where to start.

  • Baseline phishing simulation
  • Report by role and department
  • NIS2 gap analysis
02

Platform selection

Based on results, company size and budget, we recommend the most suitable platform among Cyber Guru, Kaspersky ASAP and Acronis Security Awareness. Each has different strengths.

  • Company-platform matching
  • Custom configuration
  • Active Directory integration
03

Continuous training

Micro-learning paths distributed over time. No 4-hour courses nobody follows: short, frequent, adaptive learning pills calibrated to each user's level. Recurring phishing simulations to measure progress.

  • Adaptive micro-learning
  • Monthly phishing simulations
  • Role and seniority paths
04

Reporting and compliance

Every campaign, every completed course, every phishing test: all tracked on NEXUS. Reports ready for NIS2 audit with evidence of continuous staff training, including executives and board members.

  • Dedicated NEXUS dashboard
  • NIS2 Art. 21 reports
  • ACN audit evidence

Three platforms,
one for every need

There is no one-size-fits-all solution. A hospital has different needs than an accounting firm. That's why we work with three vendors, each strong in its segment.

Enterprise

Cyber Guru

Three training programs, CME credits and ACN accreditation

  • Cyber Guru Awareness: adaptive didactic paths
  • Cyber Guru Channel: interactive cybersecurity TV series
  • Cyber Guru Phishing: behavior-based adaptive simulations
  • CME credits for healthcare staff
  • Dedicated paths for board and C-level (NIS2)
  • Italian platform, ACN accredited, data in Italy
Ideal for: hospitals, large enterprises, public sector, finance
Request Cyber Guru demo →
Entry level

Acronis Awareness

Simple, affordable, integrated with Cyber Protect

  • Powered by Wizer: professional ready-to-use content
  • Gamified phishing simulation included
  • Multitenant console for centralized management
  • Integrated into Acronis Cyber Protect Cloud ecosystem
  • Low cost, operational in days
  • No vertical paths for executives or NIS2
Ideal for: professional firms, micro-businesses, startups
Request Acronis demo →

Who needs to train
their staff?

NIS2 makes no distinctions: all companies classified as essential or important must ensure cybersecurity training for staff, including executives. But even companies outside NIS2 scope benefit from training: fewer incidents, less downtime, lower insurance premiums.

Training must be continuous, measurable and documented. A PDF sent by email once a year is not enough.

🏥
Healthcare and hospitals NIS2 requirement + CME credits with Cyber Guru
🏭
Manufacturing and industry OT awareness training for operators and technicians
🛒
Retail and hospitality High-turnover staff: fast and continuous training needed
⚖️
Professional firms Sensitive client data, mandatory GDPR training
Integrated in NEXUS

Training and security
in a single view

NEXUS integrates awareness data with security monitoring. See the correlation between training and incidents: are the least trained departments the ones generating the most alerts?

Unified reports for the CISO and NIS2 audit. Training status, phishing click rate, completed courses, all in one dashboard.

Discover NEXUS →
Live
Phishing click rate by department in real time
NIS2
Training evidence Art. 21 paragraph 2 letter g
PDF
Monthly reports for CISO, DPO and ACN audit

Frequently asked questions

Is awareness training mandatory under NIS2?
Yes. Art. 21 of NIS2 explicitly lists staff training among mandatory security measures. Training must also involve executives and management bodies. The ACN (National Cybersecurity Agency) will verify training evidence during audits.
How much time does it take employees?
The platforms use micro-learning: 3-5 minute sessions, 2-3 times a week. No long courses that block productivity. Employees train during natural breaks in their workday. On average, 15-20 minutes per week.
How do I know if it's working?
We measure everything. The click rate on phishing simulation emails is the main KPI: after 3-6 months of training, the click rate typically drops from 30% to 5-8%. On NEXUS you can see the trend month by month, department by department.
Can I start with one platform and switch to another?
Yes. The three platforms cover different segments. If your company grows or needs change, we can migrate data and progress. The advantage of working with 10punto10 is that we know all three and advise you without vendor lock-in.

Find out how vulnerable your team is.

Free phishing simulation campaign: we test your employees' awareness and show you the results. Zero commitment, zero cost. Then you decide whether to activate training.

Request free phishing test → 📞 +39 02 87176855