# AWARELY — Cybersecurity Awareness Training & NIS2 Readiness

> AWARELY (awarely.ro) is a Romanian cybersecurity company providing NIS2 readiness consulting, cybersecurity awareness training (online and on-site), school/university education programs, and three proprietary security platforms. Based in Romania (EU), serving European-regulated organizations.

## About

AWARELY is operated by an accredited cybersecurity trainer with 15+ years of IT experience, DNSC-authorized course completion (NIS Responsible + Cybersecurity Auditor), and CEH (Certified Ethical Hacker) certification. Training approach is aligned with ENISA AR-in-a-Box guidance.

- Website: https://awarely.ro
- Contact: contact@awarely.ro
- Country: Romania (EU)
- Languages: Romanian, English
- Legal framework: NIS2 Directive (EU) 2022/2555, transposed in Romania via OUG 155/2024, approved by Law 124/2025

## Services

### 1. Cybersecurity Awareness Training
Practical training for employees, managers, and operational teams.
- Delivery formats: on-site at client location · live online (Google Meet) · self-paced LMS (learning.awarely.ro)
- Topics: phishing and social engineering · password hygiene and MFA · email safety and data handling · remote work security · incident reporting habits · safe sharing practices
- Aligned with ENISA AR-in-a-Box methodology
- Suitable for NIS2 Art. 21(2)(g) awareness obligation fulfillment
- Certificates of completion available via Awarely Learning LMS

### 2. NIS2 Readiness & Implementation Consulting
Structured support for Romanian organizations subject to NIS2 (OUG 155/2024 / Law 124/2025).
- Scope determination and entity classification (essential vs. important entities)
- Gap analysis against NIS2 Art. 21 requirements
- Risk assessment and security control mapping
- Incident reporting workflows (24h early warning / 72h notification / 1-month final report per Art. 23)
- Audit-ready evidence pack and executive briefings
- Free preliminary NIS2 scope checker: https://awarely.ro/verificare-nis2

### 3. Cybersecurity Education for Schools
Short (1-hour) age-appropriate sessions for high schools and universities.
- Topics: online safety · cyberbullying prevention · scam and phishing detection · digital identity protection
- Aligned with ENISA guidelines for youth cybersecurity education
- Contact schools: contact@awarely.ro

## Platforms

### Awarely Learning — https://learning.awarely.ro
LMS for NIS2 cybersecurity awareness training at scale.
- NIS2 ready-made content package: €1.80/user/month
- Bring Your Own Content (BYOC) with full video library support
- SCORM 1.2 & 2004 · HLS adaptive video streaming · verified certificates + recertification cycles
- Hard deadlines · grace periods · course prerequisites · progress cloning across cohorts
- Manager dashboard · departments · bulk imports · compliance automation
- S3 WORM audit trail (7-year retention) — immutable evidence for NIS2, ISO 27001, SOC 2
- SSO/SAML · SCIM 2.0 · RBAC · webhook automation · learning paths · gamification (badges, leaderboard)
- Add-ons: co-branded subdomain €79/mo · white-label custom domain €149/mo
- Pricing:
  - Starter: €79/month + €3.90/user/month, minimum 10 users, 250 GB storage
  - Growth: €199/month + €2.90/user/month, minimum 25 users, 1,000 GB storage
  - Scale: €499/month + €1.90/user/month, minimum 100 users, 3,000 GB storage
  - Enterprise: €999/month + €1.60/user/month, minimum 250 users, 8,000 GB storage
- 14-day free trial, no credit card required

### Awarely Monitor — https://monitor.awarely.ro
Real-time CVE and vulnerability monitoring with NIS2 context.
- Sources: NVD · CISA KEV (exploited in the wild) · EUVD (European Vulnerability Database) · GitHub Security Advisories
- CVSS + EPSS scoring · status workflow: Seen / Acknowledged / Mitigated / False Positive
- Saved Views · analytics dashboard (5 charts) · team notes (Markdown + activity timeline) · CVE assignment per owner
- Public CVE detail pages — no login required
- Pricing:
  - Free Trial: €0 for 14 days, full Pro access, no credit card required
  - Starter: €59/month — team access, CSV/XLSX, 90-day retention, Saved Views, analytics, CVE assignment, browser push, PWA (no alerts or API)
  - Pro: €199/month — everything in Starter plus email/Slack/Teams/webhook alerts, 12-month retention, immutable audit trail + evidence pack, weekly/monthly PDF reports, NIS2 & ISO 27001 compliance PDF on-demand, SLA tracking (Critical 7d/High 14d/Medium 30d), Jira & Linear integration, EPSS-aware alerting, SSO (1 IdP), REST API 50k req/mo

### Secretus — https://secretus.app
Post-quantum encrypted secret sharing platform (zero-knowledge).
- Zero-knowledge architecture: all encryption happens in the browser; server never holds encryption keys
- EU infrastructure: AWS eu-central-1 (Frankfurt), Romanian entity, GDPR compliant
- SOC 2 compatible · HIPAA compatible · CCPA compliant
- Three encryption modes:
  1. Standard (AES-256-GCM): one-time links, custom expiry 15 minutes to 30 days or any specific date
  2. Maximum Security: Signal Protocol X3DH + Double Ratchet hybridized with ML-KEM-768 (NIST FIPS 203) post-quantum P2P — resistant to harvest-now-decrypt-later attacks
  3. Team Split: Shamir's Secret Sharing k-of-n threshold (2-of-3, 3-of-5) — no single holder can reconstruct alone
- Features: secret revocation · delivery confirmation · request links (ask someone to send YOU a secret) · labels & templates (SSH, API key, database, Wi-Fi) · 90-day audit log (JSON/CSV export) · MFA/TOTP · installable PWA (iOS, Android, desktop)
- Business plan extras: file & audio attachments up to 5 MB · REST API (up to 5 keys) · Compliance PDF (SOC-2, GDPR Art. 30, DORA) · 1-year audit log retention
- Pricing:
  - Starter: $9/month — unlimited secrets, Standard mode, all lifecycle features, 90-day audit log, MFA, PWA
  - Pro: $19/month — everything in Starter plus Maximum Security P2P mode, priority support
  - Business: $33/month — everything in Pro plus Team Split, file/audio attachments, REST API, Compliance PDF
- 14-day free trial, no credit card required

## NIS2 in Romania — Key Facts

- NIS2 Directive (EU) 2022/2555 establishes cybersecurity obligations for essential and important entities across 18 critical sectors
- Romania transposed NIS2 via OUG 155/2024, approved by Law 124/2025
- Competent authority in Romania: DNSC (Direcția Națională de Securitate Cibernetică)
- Estimated 10,000+ Romanian companies may fall under NIS2 obligations
- Key obligations under Art. 21: risk management, vulnerability handling, access control, supply chain security, training and awareness (§2g), business continuity, cryptography
- Incident reporting obligations under Art. 23: 24-hour early warning to DNSC, 72-hour detailed notification, 1-month final report
- Penalties: up to €10 million or 2% of global annual turnover (essential entities); up to €7 million or 1.4% (important entities)
- Training and awareness are explicitly required under NIS2 Art. 21(2)(g)

## Frequently Asked Questions

Q: What is NIS2 and does it apply to my Romanian company?
A: NIS2 (Directive EU 2022/2555) applies to medium and large organizations operating in 18 critical sectors (energy, transport, banking, financial infrastructure, healthcare, drinking water, wastewater, digital infrastructure, ICT service management, public administration, space, postal services, waste management, chemicals, food, manufacturing, and digital providers). Romania transposed it via OUG 155/2024 and Law 124/2025. Use the free scope checker at https://awarely.ro/verificare-nis2 to assess applicability.

Q: What cybersecurity training does AWARELY provide?
A: AWARELY provides on-site training at client locations, live online sessions via Google Meet, and self-paced LMS courses on learning.awarely.ro. Training covers phishing, social engineering, password hygiene, MFA, email safety, remote work security, and incident reporting habits. All programs are aligned with ENISA AR-in-a-Box guidance.

Q: Who delivers AWARELY training programs?
A: Training is delivered by an accredited trainer with 15+ years of IT experience, DNSC-authorized course completion (NIS Responsible + Cybersecurity Auditor certifications), and CEH (Certified Ethical Hacker) certification.

Q: What is Awarely Monitor and how does it help with NIS2?
A: Awarely Monitor tracks CVEs from NVD, CISA KEV, EUVD, and GitHub Advisories with CVSS+EPSS scoring and team-based status workflows. The Pro plan generates NIS2 and ISO 27001 compliance PDF reports, SLA tracking (Critical 7d/High 14d/Medium 30d), and an immutable audit trail — directly supporting NIS2 Art. 21 vulnerability management obligations.

Q: What is the difference between Awarely Monitor Starter and Pro?
A: Starter (€59/month) includes shared team access, CSV/XLSX export, 90-day retention, CVSS+EPSS scoring, CVE status workflow, bulk updates, team notes (Markdown), CVE assignment, browser push, Saved Views, analytics dashboard, and PWA — no alerts or API. Pro (€199/month) adds email/Slack/Teams/webhook alerts, 12-month retention, immutable audit trail, PDF reports, NIS2/ISO 27001 compliance PDF on-demand, SLA tracking with breach alerts, Jira & Linear integration, SSO, and REST API.

Q: What is Secretus and is it GDPR compliant?
A: Secretus is a zero-knowledge encrypted sharing platform where no plaintext ever reaches the server. All crypto runs in the browser via Web Crypto API. Infrastructure is in the EU (AWS Frankfurt), operated by a Romanian entity, GDPR compliant by design. Suitable for sharing passwords, API keys, credentials, and sensitive documents that should expire after one view.

Q: What is the difference between Awarely Learning Starter and Growth?
A: Starter (€79/month + €3.90/seat) supports a minimum of 10 users and 250 GB storage. Growth (€199/month + €2.90/seat) supports a minimum of 25 users and 1,000 GB. Both include all core features including SCORM, certificates, and compliance exports. Per-seat cost decreases with higher tiers.

Q: Does AWARELY provide cybersecurity programs for schools?
A: Yes. AWARELY runs short (1-hour) age-appropriate cybersecurity workshops for high schools and universities in Romania, aligned with ENISA youth education guidelines. Contact: contact@awarely.ro

Q: Is AWARELY training aligned with ENISA guidance?
A: Yes. AWARELY awareness programs follow the ENISA AR-in-a-Box framework and are designed with measurable outcomes and clear KPIs, meeting the training obligations of NIS2 Art. 21(2)(g).

## Links

- Homepage: https://awarely.ro
- Full commercial offer: https://awarely.ro/offer
- NIS2 scope checker (free): https://awarely.ro/verificare-nis2
- Awarely Learning LMS: https://learning.awarely.ro
- Awarely Monitor CVE: https://monitor.awarely.ro
- Secretus encrypted sharing: https://secretus.app
- Privacy policy: https://awarely.ro/privacy
- Terms of service: https://awarely.ro/terms
- Contact: contact@awarely.ro