Christine Lagarde, the President of the European Central Bank (ECB), has warned that a cyber attack on a major financial institution could trigger a liquidity crisis.
On Feb 5th 2020, Lagarde said that any significant operational outages that encrypted or destroyed account balances could trigger a liquidity crisis.
“History shows that liquidity crises can quickly become systemic crises”
“The ECB is well aware that it has a duty to be prepared and to act pre-emptively.”
During her speech, Lagarde went on to reference the ESRB (European Systemic Risk Board) report that contains estimates of global cyber attacks that could be in the region of €500 billion.
“The ECB itself and of course the global financial sector is no stranger to cyber attacks and will continue to be a massive target for cyber threat actors. Therefore the sector itself must raise their game and work together to build defences and a stronger ecosystem. Cyber resilience is key for the financial sector and the ECB has articulated their minimum expectations. The leaders of the financial sector need to gain an understanding of the key issues and challenges so they can develop appropriate strategies.” Paul C Dwyer – CEO – Cyber Risk International – www.cri.ie
It is no secret that financial sector is a particular focus for cyber threat actors. The sector is interdependent and interconnected and any impact on it may have a knock on or contagion effect upon the wider industry. Cybercriminals have developed targeted methodologies and resources in order to compromise what they see as the “low hanging fruit” targets.
Cyber resilience including incident response is a leadership issue and those with the responsibility of protecting the financial sector need to understand how to handle a cyber incident.
CRI has developed a non-technical course specifically for senior executives that wish to understand what is involved in planning for and responding to cyber-attacks in the financial sector.
Delegates of this two-day bootcamp course will learn why the financial sector continues to be such a large target for the cyber threat actors and gain a holistic understanding of the cyber incident response process. The syllabus outlines all the stages involved from prevention to eradication and recovery. Delivered by a highly experienced cyber security expert, referencing real life case studies and outlining practical and pragmatic steps every organisation can take.
Who is the Course for?
– CISO, Head of IT Security
– CRO, Head of Risk
– CIO, CTO and IT Directors
– Project Managers and BCP Managers
– Head of Security Legal and Compliance
– IT Managers and Service Managers
– Mid to Senior IT Administrator and Network Managers
– Change and Incident Managers
– Head of Audit & Senior Auditors Information Security Managers
– Any Senior Executive With Responsibility for Cyber Risk
– Understanding Cyber Resilience
– Cyber Threat Landscape 2020
– Financial Sector Sector Interconnected and Interdependent
– Complex Regulatory Landscape
– Sector Characteristics
– Specific Digital Challenges
– Emerging Threats
– Developing a Cyber Strategy
– Understanding the incident response process
– Prepare Information Sheets and Checklists
– Train the Response Team and Practice the Plan
– Have the Right Tools
– Outsource Monitoring and Testing
– Precursors and Indicators
– Tools Used to Detect Cyberattacks
– Situational Awareness Categorisation
– IR In a Nutshell
– Preparing a Team for a Cyberattack
– Identify key Actors and Their Roles
– Key Responsibilities of the CSIRT
– CSIRT Roles
– CSIRT Models
– The Cyber Crisis Communication Plan
– Role and Elements of the Crisis Communication Plan
– Communicating with Key External Stakeholders
– The Media
– Law Enforcement
– Incident Reporting Organisations
– Impacted External Parties
– Communicating with Internal Stakeholders
– Channels of Communication
– Escalation Strategies
– Putting it Altogether
– Post-Incident Analysis
– Lessons Learned Meeting
– Incident Report
– Complete the Improvement Feedback Loop
– Empowering the Board with Key Metrics
Workshop: Walk through of a real life cyber attack scenario on an entity from the financial sector.
Course Director: Paul C Dwyer
Author: The Art of Cyber Risk Oversight
Paul C Dwyer is recognised as one of the world’s foremost experts on cyber security, risk and privacy. As CEO of Cyber Risk International he specialises in corporate and enterprise security, development of cyber defence programs, and business operations protection for CRI clients.
Certified an industry professional by the International Information Security Certification Consortium (ISC2) and the Information System Audit and Control Association (ISACA). Approved by the National Crime Faculty and the High Tech Crime Network(HTCN). He has worked extensively around the world, his diverse career spans more than 25 years working with military, law enforcement and the commercial sector.
Roles have included:
• President of the International Cyber Threat Task Force (ICTTF)
• Co Chairman of the UK National Crime Agency (NCA) Industry Group
• Advisor to National Counter Terrorism Security Office (NaCTSO)
• Advisor to NATO on Countering Hybrid Cyber Threats
• Advisor to UK Defence Committee (DEFCOM) in Parliament
• Deputy Chair – Organised Crime Task Force Industry Group – NI
• Interim Global CISO for Numerous Multi-National Organisations
• Advisor to Numerous Governments and Intelligence agencies
Paul is a member of a number of industry groups including the IoD (Institute of Directors), IIEA (Institute of International and European Affairs) and the IRM (Institute of Risk Management).
As an accomplished serial entrepreneur he has successfully built a number of security practices in the UK & Ireland and in 2016 was identified by Business and Finance as one of Ireland’s Top 100 CEOs.
His career started as a technical networking specialist, he then specialised, trained and qualified in a number of disciplines including but not limited to ethical hacking, forensics, international management systems, risk management, business continuity, international governance frameworks, financial service regulations, cyber laws and project management.
MARK CONABEARE – DEBENHAMS PLC DENISE COMERFORD – INTO CREDIT UNION RONAN TIMMONS – INVESTEC BANK PLC MARTIN TANG - IRM Ian Brennan - Laya Healthcare MARTIN MCCAULEY - W & R BARNETT MICHAEL MCHUGH – INTO CREDIT UNION BRÓNAGH DOHERTY - INTERTRUST ANGELA MORAN – AIB JOHN CARROL – INVESTEC BANK PLC SHANE O’CONNOR – SUSQUEHANNA INTERNATIONAL GROUP SHANE O’REILLY – TOTAL PRODUCE DEREK HARDIMAN – ABBEY CAPITAL PADDY HAND – NSSL GERARD CLEAR – CABOT FINANCIAL
MARK CONABEARE – DEBENHAMS PLC
DENISE COMERFORD – INTO CREDIT UNION
RONAN TIMMONS – INVESTEC BANK PLC
MARTIN TANG - IRM
Ian Brennan - Laya Healthcare
MARTIN MCCAULEY - W & R BARNETT
MICHAEL MCHUGH – INTO CREDIT UNION
BRÓNAGH DOHERTY - INTERTRUST
ANGELA MORAN – AIB
JOHN CARROL – INVESTEC BANK PLC
SHANE O’CONNOR – SUSQUEHANNA INTERNATIONAL GROUP
SHANE O’REILLY – TOTAL PRODUCE
DEREK HARDIMAN – ABBEY CAPITAL
PADDY HAND – NSSL
GERARD CLEAR – CABOT FINANCIAL