Status of privacy and NIS course curricula in Member States

User education is key in cyber security. Our work for this report follows up on previous efforts and suggested recommendations from 2014 and 2013. The first objective of this report is to identify gaps between available training courses, certifications and NIS education needs with particular emphasis on ePrivacy. The second objective is to suggest further actions based on the analysed needs of NIS communities in Europe. From the desktop research, the focus for most of the courses that included privacy appeared to be in the computer science, computer security, information security, and cybercrime and cyber security subject areas. However there were a number of courses that included privacy law (Information Technology, Commercial, Corporate, Communications and Property), marketing and ethics. For several reasons, it may be that privacy is an area that relatively lately is gathering attention (compared to Network and Information Security). However this idea would require further future research to be proved. In terms of existing Massive Open Online Courses- MOOCs, the offer around the subject of Privacy and Data Protection is limited in general and there is a particular lack of MOOCs in the European context, both in terms of delivery by European Universities/Institutes and also covering Privacy and Data Protection Legislations and debates at European Levels. Furthermore, MOOCs and serious games are a path which is being explored as a practical way to transfer knowledge, support learning, raise awareness, offer professional training and unveil controversial issues and practices surrounding Privacy and Data Protection.