Education voucher at hand? Step into the fast lane: Contact us
Contact usYour bootcamp
Cyber, Cloud and Information Security Bootcamp
Next seat available
(within 1 year)
Our partner companies
Course Content
All content at a glance
Keyfacts
- Full-Time: 20 Weeks (Mo – Fr, 9.00 – 18.00 Uhr)
- Participants: approx. 10
- Locations: Remote (live online)
- Course language: German
- Completion: Certificate of participation, ISC2 Certified in Cybersecurity (CC), Information Security Officer (TÜV)
- Expected salary: 57.000€ - 89.000€
Tech Stack
Download tech stacks
Become an Information Security Officer - at the neue fische bootcamp
Upon completion of this program, you will be a qualified specialist at the intersection of IT, security, and compliance. You will strategically assess modern ICT and cloud infrastructure and secure it against current cyber threats using your technical expertise. You will be familiar with relevant requirements such as DORA, NIS2, and KRITIS and implement them practically. Your core competency lies in building and managing a certifiable ISMS according to ISO 27001 and BSI IT Baseline Protection. Simultaneously, you will ensure compliance with GDPR and Business Continuity Management (BCM) and consider current AI security topics.
Core competency: Designing, implementing, and auditing digital resilience
You combine technical defense mechanisms such as firewalls, cryptography, and cloud security with strategic management frameworks. You’re able to assess risks holistically – from technical vulnerabilities (Course 2) to legal and organizational consequences in critical situations (Course 3).
You take responsibility for information security, audit processes, and continuously improve them. This combination makes you an ideal fit for roles such as Information Security Officer (ISO), IT Compliance Manager, or Business Continuity Manager, helping organizations maintain digital sovereignty and strengthen stakeholder trust.
Requirements for this profile
For this profile, you need above all a strong interest in technology, IT infrastructures, and legal frameworks. In-depth IT knowledge is not necessary—all relevant basics of IT and the cloud will be taught during training.
However, it is important to have an analytical and structured way of thinking in order to set up management systems in a meaningful way and systematically assess risks. You should also be prepared to continuously deal with new threat scenarios (e.g., AI security) and changing legal requirements (e.g., NIS2) in order to strengthen the resilience of organizations in the long term.
Starting dates
The next dates: Cyber, Cloud and Information Security Bootcamp
Remote bootcamp participants are welcome to connect and collaborate on our campus. Just get in touch with us – happy to see you there!
May | 26th May – 19th Oct ‘26 | Full-Time | Remote | German | Secure seat |
|---|---|---|---|---|---|
Jul | 6th Jul – 30th Oct ‘26 | Full-Time | Remote | German | Secure seat |
What you will learn in our Cyber, Cloud and Information Security training
Verstehe die digitale Arbeitswelt und IT-Grundlagen
You will gain a solid understanding of IT systems, devices, operating systems, and digital work environments. You will learn the fundamentals of IT systems, hardware, and end devices, and understand how operating systems and software are installed, used, and managed. Furthermore, you will develop an understanding of structured data organization through file systems and folder structures, as well as different storage types such as local, external, network, and cloud storage. In addition, you will learn basic cloud concepts in comparison to local systems, as well as the basic structures of the web and internet, including URLs and the World Wide Web.
Understand networks and digital communication
You will learn the fundamentals of networks, the internet, and digital communication, as well as how to use them securely in everyday life. This includes network types such as LAN, WLAN, and mobile networks, and their underlying structures. You will understand key network components like routers and switches and how they interact. Additionally, you will learn how to use digital communication tools like email and calendars securely, as well as basic mailbox management. Practical troubleshooting skills using tools like ping and traceroute will be taught, along with safe browsing, browser privacy, and how to evaluate information sources on the internet.
Working safely in everyday digital life
You will develop secure digital work habits and understand typical everyday threats. You will learn about fundamental protection mechanisms such as firewalls, TLS, and VPNs, and gain insights into digital threats like malware, phishing, ransomware, and social engineering. You will develop best practices for secure behavior in the digital space, as well as backup and recovery strategies for data protection. Additionally, aspects of ergonomic and sustainable IT use will be covered, along with the safe handling of AI tools and their associated risks.
Understand security principles and cyber risks
You will learn about fundamental security models and modern attack detection. This includes understanding the CIA model with its principles of confidentiality, integrity, and availability, as well as the basics of authentication and access control. You will explore network architectures such as OSI and TCP/IP and how to design them securely. Additionally, you will gain insights into typical cyberattacks and their detection mechanisms, as well as the Zero Trust principle. Finally, you will learn the fundamentals of intrusion detection systems such as HIDS and NIDS.
Control access and secure systems
You will learn about access control, cryptography, and system hardening in modern IT environments. You will explore various access control models such as DAC, MAC, and RBAC, as well as the principle of least privilege. You will gain insights into identity and access management in cloud systems and learn system hardening methods based on established standards like CIS benchmarks. Additionally, you will learn fundamental principles of cryptography and organizational aspects of security governance and security policies.
Identify weaknesses and respond to attacks.
You will learn about vulnerability management, monitoring, and incident response processes. You will understand how to assess security vulnerabilities using CVE and CVSS, as well as the entire vulnerability lifecycle from identification to remediation. You will gain insights into cloud security posture management and data protection aspects in cloud environments. Furthermore, you will learn about security monitoring through SIEM systems and logging, as well as structured incident response.
Secure cloud and AI systems
You will learn about the risks of modern AI and cloud systems, as well as secure architectural principles. You will explore attacks such as prompt injection, data leakage, and model attacks, along with risks in the AI supply chain. You will gain a foundation in API security based on the OWASP Top 10 and learn how to design secure cloud and AI architectures. Finally, you will develop an understanding of how to assess secure systems.
Understand laws, data protection, and AI regulation
You will learn about regulatory requirements for data, AI, and critical infrastructure. This includes working with the GDPR and the processing of personal data, as well as documenting data flows and establishing compliance structures. You will understand international data transfers in the context of Schrems II and gain an overview of important regulations such as NIS2, DORA, and KRITIS. Additionally, you will learn about the risk classes and requirements of the EU AI Act and organizational governance structures.
Ensuring business continuity
You will learn about business continuity management and crisis management in companies. You will conduct business impact analyses to evaluate critical business processes and understand key performance indicators (KPIs) such as recovery time objectives (RTO) and recovery point objectives (RPO) for planning recovery times and data loss tolerance. You will develop strategies for emergency and recovery planning, work on organizing emergency structures, and learn how to test and continuously improve BCM plans.
Develop a complete ISMS for a company
You will develop a complete, auditable information security management system. You will learn the fundamentals of ISO 27001 and 27002, the PDCA cycle, and apply methods from the BSI IT Baseline Protection. You will conduct structured risk analyses according to ISO 27005 and work with audit and documentation processes. Additionally, you will define the scope and relevant assets and develop statements of applicability and security policies.
Final projects at Neue Fische & SPICED
Over 7,000+ neuefische x SPICED alumni have completed a final project at the end of their studies. Join our successful graduates, and build a project that will make your CV stand out. Have a look at past projects and be inspired.
Simple and affordable
Education must be affordable.
For other payment options, please speak to our student advisor.
FAQ
Really good questions, helpful answers
This training is ideal for anyone aiming for a specialized career in information security, compliance, IT risk management, or Business Continuity Management (BCM). Deep technical IT knowledge is not required, as all fundamentals are covered during the program. It’s especially suitable for career switchers and professionals looking to expand their profile with management systems such as ISO 27001.
You’ll be able to build and maintain an audit-ready Information Security Management System (ISMS) in line with ISO 27001 and BSI IT-Grundschutz. You’ll conduct risk analyses (ISO 27005) and Business Impact Analyses (BIA), assess technical security measures, ensure GDPR compliance, and integrate new regulatory requirements such as NIS2 and the EU AI Act.
You’ll be well prepared for demanding roles at the intersection of IT, security, and management. Typical positions include Information Security Officer, ISMS Manager, IT Compliance Manager, Business Continuity Manager, or IT Risk Consultant.
You submit your online application and then take part in a personal interview with us. We’ll talk about your motivation, your interest in governance topics, and your career goals. If everything’s a match, you’ll receive your acceptance shortly after.
What are you waiting for?
Our Student Admissions team is happy to talk with you, answer your questions, and advise you. Get in touch with us!
