Cyber Resilience
Financial Sector


Summary Details

 

Christine Lagarde, the President of the European Central Bank (ECB), has warned that a cyber attack on a major financial institution could trigger a liquidity crisis.
 
On Feb 5th 2020, Lagarde said that any significant operational outages that encrypted or destroyed account balances could trigger a liquidity crisis.
 
“History shows that liquidity crises can quickly become systemic crises”
“The ECB is well aware that it has a duty to be prepared and to act pre-emptively.”
During her speech, Lagarde went on to reference the ESRB (European Systemic Risk Board) report that contains estimates of global cyber attacks that could be in the region of €500 billion.
 
“The ECB itself and of course the global financial sector is no stranger to cyber attacks and will continue to be a massive target for cyber threat actors. Therefore the sector itself must raise their game and work together to build defences and a stronger ecosystem. Cyber resilience is key for the financial sector and the ECB has articulated their minimum expectations. The leaders of the financial sector need to gain an understanding of the key issues and challenges so they can develop appropriate strategies.” Paul C Dwyer – CEO – Cyber Risk International – www.cri.ie


Course Overview:

 

It is no secret that financial sector is a particular focus for cyber threat actors. The sector is interdependent and interconnected and any impact on it may have a knock on or contagion effect upon the wider industry. Cybercriminals have developed targeted methodologies and resources in order to compromise what they see as the “low hanging fruit” targets.
 
Cyber resilience including incident response is a leadership issue and those with the responsibility of protecting the financial sector need to understand how to handle a cyber incident.
 
CRI has developed a non-technical course specifically for senior executives that wish to understand what is involved in planning for and responding to cyber-attacks in the financial sector.
 
Delegates of this two-day bootcamp course will learn why the financial sector continues to be such a large target for the cyber threat actors and gain a holistic understanding of the cyber incident response process. The syllabus outlines all the stages involved from prevention to eradication and recovery. Delivered by a highly experienced cyber security expert, referencing real life case studies and outlining practical and pragmatic steps every organisation can take.

 

Who is the Course for?

– CISO, Head of IT Security
– CRO, Head of Risk
– CIO, CTO and IT Directors
– Project Managers and BCP Managers
– Head of Security Legal and Compliance

– IT Managers and Service Managers
– Mid to Senior IT Administrator and Network Managers
– Change and Incident Managers
– Head of Audit & Senior Auditors Information Security Managers
– Any Senior Executive With Responsibility for Cyber Risk

Course Syllabus
Module 1 – Cyber Threats and the Financial Sector
– Understanding Cyber Resilience
– Cyber Threat Landscape 2020
– Financial Sector Sector Interconnected and Interdependent
– Complex Regulatory Landscape
– Sector Characteristics
– Specific Digital Challenges
– Emerging Threats
– Developing a Cyber Strategy

Module 2: Incident Response an Introduction
– Understanding the incident response process
– Prevention
– Planning
– Preparation
– Reporting
– Prepare Information Sheets and Checklists
– Train the Response Team and Practice the Plan
– Have the Right Tools
– Outsource Monitoring and Testing
– Detection
– Precursors and Indicators
– Tools Used to Detect Cyberattacks
– Situational Awareness Categorisation
– Documentation
– IR In a Nutshell


Module 3: Elevate and Communicate
– Preparing a Team for a Cyberattack
– Identify key Actors and Their Roles
– Key Responsibilities of the CSIRT
– CSIRT Roles
– CSIRT Models
– The Cyber Crisis Communication Plan
– Role and Elements of the Crisis Communication Plan
– Communicating with Key External Stakeholders
– The Media
– Law Enforcement
– Regulators
– Incident Reporting Organisations
– Impacted External Parties
– Communicating with Internal Stakeholders
– Channels of Communication
– Escalation Strategies
– Putting it Altogether

Module 4: Eradicate and Recover
– Eradication
– Recovery
– Post-Incident Analysis
– Lessons Learned Meeting
– Incident Report
– Complete the Improvement Feedback Loop
– Empowering the Board with Key Metrics


Module 5: TTX – Tabletop Exercise

Workshop: Walk through of a real life cyber attack scenario on an entity from the financial sector.


Course Director: Paul C Dwyer
Author: The Art of Cyber Risk Oversight

Paul C Dwyer is recognised as one of the world’s foremost experts on cyber security, risk and privacy. As CEO of Cyber Risk International he specialises in corporate and enterprise security, development of cyber defence programs, and business operations protection for CRI clients.

Certified an industry professional by the International Information Security Certification Consortium (ISC2) and the Information System Audit and Control Association (ISACA). Approved by the National Crime Faculty and the High Tech Crime Network(HTCN). He has worked extensively around the world, his diverse career spans more than 25 years working with military, law enforcement and the commercial sector.

Roles have included:

• President of the International Cyber Threat Task Force (ICTTF)
• Co Chairman of the UK National Crime Agency (NCA) Industry Group
• Advisor to National Counter Terrorism Security Office (NaCTSO)
• Advisor to NATO on Countering Hybrid Cyber Threats
• Advisor to UK Defence Committee (DEFCOM) in Parliament
• Deputy Chair – Organised Crime Task Force Industry Group – NI
• Interim Global CISO for Numerous Multi-National Organisations
• Advisor to Numerous Governments and Intelligence agencies

Paul is a member of a number of industry groups including the IoD (Institute of Directors), IIEA (Institute of International and European Affairs) and the IRM (Institute of Risk Management).

As an accomplished serial entrepreneur he has successfully built a number of security practices in the UK & Ireland and in 2016 was identified by Business and Finance as one of Ireland’s Top 100 CEOs.
His career started as a technical networking specialist, he then specialised, trained and qualified in a number of disciplines including but not limited to ethical hacking, forensics, international management systems, risk management, business continuity, international governance frameworks, financial service regulations, cyber laws and project management.

Delegates Feedback



An eye opening course bringing to life exactly what a CISO is and maybe more importantly what is isn’t. Many lightbulb moments that will help refocus how to better align security with the business, and what it takes to be successful.

MARK CONABEARE – DEBENHAMS PLC

CRI
2018-07-02T12:35:49+01:00

MARK CONABEARE – DEBENHAMS PLC

An eye opening course bringing to life exactly what a CISO is and maybe more importantly what is isn’t. Many lightbulb moments that will help refocus how to better align security with the business, and what it takes to be successful.
Would highly recommend this boot camp. It was very informative, especially considering I do not come from a techy background. Great course to enable you to be a business protector.

DENISE COMERFORD – INTO CREDIT UNION

CRI
2018-07-02T12:30:03+01:00

DENISE COMERFORD – INTO CREDIT UNION

Would highly recommend this boot camp. It was very informative, especially considering I do not come from a techy background. Great course to enable you to be a business protector.
Good spread of topics, Good delivery and pace.

RONAN TIMMONS – INVESTEC BANK PLC

CRI
2018-07-02T12:30:30+01:00

RONAN TIMMONS – INVESTEC BANK PLC

Good spread of topics, Good delivery and pace.
0
0
CRI

Excellent Course, Unparalleled thought leadership expertise, amazing presentation skills, thank you I could attend.

MARTIN TANG - IRM

CRI
2018-07-02T11:37:46+01:00

MARTIN TANG - IRM

Excellent Course, Unparalleled thought leadership expertise, amazing presentation skills, thank you I could attend.
I found the 2 days course excellent. It provoked good discussions and Paul gave great examples of boot practice.

Ian Brennan - Laya Healthcare

CRI
2018-07-02T12:07:13+01:00

Ian Brennan - Laya Healthcare

I found the 2 days course excellent. It provoked good discussions and Paul gave great examples of boot practice.
A very well formed two day course, very dynamic topics, backed with real world examples.

MARTIN MCCAULEY - W & R BARNETT

CRI
2018-07-02T12:08:07+01:00

MARTIN MCCAULEY - W & R BARNETT

A very well formed two day course, very dynamic topics, backed with real world examples.
0
0
CRI

Keep up the good work, Excellent vision of cyber risk today and into the future.

MICHAEL MCHUGH  – INTO CREDIT UNION

CRI
2018-07-02T12:25:37+01:00

MICHAEL MCHUGH  – INTO CREDIT UNION

Keep up the good work, Excellent vision of cyber risk today and into the future.
I found the course fantastic. It was extremely engaging & interactive throughout. It was very informative & the content was interesting and current & relevant to my service line.

BRÓNAGH DOHERTY - INTERTRUST

CRI
2018-07-02T12:08:59+01:00

BRÓNAGH DOHERTY - INTERTRUST

I found the course fantastic. It was extremely engaging & interactive throughout. It was very informative & the content was interesting and current & relevant to my service line.
Very informative and enjoyable course.

ANGELA MORAN – AIB

CRI
2018-07-02T12:20:39+01:00

ANGELA MORAN – AIB

Very informative and enjoyable course.
0
0
CRI

Great content, Interesting & fast paced

JOHN CARROL – INVESTEC BANK PLC

CRI
2018-07-02T12:26:58+01:00

JOHN CARROL – INVESTEC BANK PLC

Great content, Interesting & fast paced
Very enjoyable & well presented. Liked the approach to integrate with practical real world examples. Would recommend

SHANE O’CONNOR – SUSQUEHANNA INTERNATIONAL GROUP

CRI
2018-07-02T12:27:35+01:00

SHANE O’CONNOR – SUSQUEHANNA INTERNATIONAL GROUP

Very enjoyable & well presented. Liked the approach to integrate with practical real world examples. Would recommend
An eye opener giving a global picture backed up with real world examples, Great Knowledge.

SHANE O’REILLY – TOTAL PRODUCE

CRI
2018-07-02T12:27:59+01:00

SHANE O’REILLY – TOTAL PRODUCE

An eye opener giving a global picture backed up with real world examples, Great Knowledge.
0
0
CRI

Excellent stuff – Paul is a mine of information.

DEREK HARDIMAN – ABBEY CAPITAL

CRI
2018-07-02T12:28:35+01:00

DEREK HARDIMAN – ABBEY CAPITAL

Excellent stuff – Paul is a mine of information.
Course content excellent, well presented at a good pace.

PADDY HAND – NSSL

CRI
2018-07-02T12:29:12+01:00

PADDY HAND – NSSL

Course content excellent, well presented at a good pace.
Quality course content explained in easy to connect real life situations. Highly knowledgeable professionals in the world of cyber and reality.

GERARD CLEAR – CABOT FINANCIAL

CRI
2018-07-02T12:29:36+01:00

GERARD CLEAR – CABOT FINANCIAL

Quality course content explained in easy to connect real life situations. Highly knowledgeable professionals in the world of cyber and reality.
0
0
CRI