The General Data Protection Regulation (GDPR) for the Board of Directors and the CEO of EU and non-EU based companies


The GDPR is important for EU and non-EU companies that are offering goods or services to identified or identifiable EU natural persons ("data subjects"), organizations processing personal data of EU data subjects, or organizations that monitor the online behaviour of EU data subjects. Non-EU companies that have no local presence in the EU are also in scope of the GDPR legislation. Penalties for violating the GDPR could reach € 20 million or 4% of a company’s annual worldwide turnover.

Target Audience

The program is recommended for the Board of Directors and the CEO.


One hour to half day, depending on the needs, the content of the program and the case studies. We always tailor the program to the needs of each client.


Our instructors are working professionals that have the necessary knowledge and experience in the fields in which they teach. They can lead full-time, part-time, and short-form programs that are tailored to your needs. You will always know up front who the instructor of the training program will be.

George Lekatis can also lead the class. His background and some testimonials can be found at:

Course Synopsis:

- An overview of the DGPR.

- What is different now.

- Important Articles of the GDPR.

- The increased importance of information security, international standards, and best practices.

- "Privacy by design" and "privacy by default" (Art. 25 GDPR), "due regard to the state of the art" ((78), (83), Art. 25, Art. 32 GDPR).

- Establishing what must be changed: Enterprise-wide privacy governance structure with clearly defined roles and responsibilities, privacy risks and controls, customer profiling, enterprise-wide personal data retention and destruction, handling customers’ personal data requests, privacy data breaches, data breach response, third parties and outsourcing, data across the borders, privacy training tailored to the employee’s roles and responsibilities.

- Policies, Procedures, Communication, Enforcement. Everybody must understand the new obligations - the Board, the CEO, senior management, and all departments.

- The questions every board of directors must ask.

For more information, you may contact us.

Terms and conditions

You may visit:

Cyber Security Training

Cyber security is ofter boring for employees. We can make it exciting.

Online Cybersecurity Training

Online Training

Recorded on-demand training and live webinars.

In-house Cybersecurity Training

In-house Training

Engaging training classes and workshops.

Social Engineering Training

Social Engineering

Developing the human perimeter to deal with cyber threats.

Cybersecurity Training for the Board

For the Board

Short and comprehensive briefings for the board of directors.

Cybersecurity Assessment


Open source intelligence (OSINT) reports and recommendations.

High Value Targets Cybersecurity Training

High Value Targets

They have the most skilled adversaries. We can help.

Which is the next step?


You contact us


We discuss


Our proposal


Changes and approval


We deliver

Cyber Risk GmbH, Cyber Risk Awareness and Training