London, Europe, USA East Coast Time Zones
CPEs: 24
Instructor: Sue Milton
Level: Intermediate
Tuition: £2,995.00
Register Now

NEW Understanding Cyber Exposure in Banks and Financial Institutions RM090

Location: London, Europe, USA East Coast Time Zones

First Date: Oct 17 - 19 2022

Duration: 3 days

Programme Director: Sue Milton

All Dates & Locations
Venue Details

Experience the highly-interactive expert-led social learning through Virtual Classroom via Cisco by Webex via Risk Reward.

All our 2022 Virtual Classroom events feature shared (or discrete) live chat between delegates and the expert, participate in topical surveys, polling questions, group exercises and case studies for a tried -and- true engaging and gratifying learning experience.

Need face to face or to bring this course in house? Simply contact us for significant cost savings and dates to best suit your needs.


Agenda Highlights

Session 1: What is Cybersecurity

Session 2: The Cyber Framework

Session 3: Assessing Cyber Exposure

Session 4:Information Security

Session 5: Threat Analysis

Session 6: The Impact of Changing Work Patterns on Cybersecurity

Session 7: Cyber Risk Assessment

Session 8: The Cybersecurity Program

Session 9: Investigating Cybersecurity Incidents


This course takes delegates through the essential elements of cyber security, focussing on practical issues and the integration into risk management.  With a focus on the practical issues that are likely to be faced and the also addressing the new rules on operational resilience from a cyber security perspective, the course takes delegates systematically through the key elements of the identification and assessment of cyber exposure.

By the conclusion of the event delegates will have gained an appreciation of the governance, regulations, challenges and risk mitigation that are available to an organisation building into the development of an effective cyber risk management framework.

Who Should Attend
  • Heads of Risk, audit
  • Managers
  • Department Heads
  • Credit lending policy makers
  • Underwriters

Delegates who complete the course will receive a Certificate in Understanding Cyber Exposure following an optional 20-question multi-choice remotely invigilated quiz.

Additional Course Information

What Does It Cover?

Session 1:   What is Cybersecurity? 

  • How is it defined?
  • What are the key issues?
  • Who are we seeking to avoid?
  • The current guidance
  • Internal v external
  • Historic threats and cases
  • The purpose of a cyber security program
  • Tools and techniques


Session 2:  The Cyber Framework

  • Alignment to the Risk Appetite Framework
  • Applying risk appetite
  • The key elements of the framework
  • Tone from the top
  • Governance and control
  • Alignment with operational resilience


Session 3:  Assessing Cyber Exposure 

  • Where do we have exposure?
  • What can happen?
  • Cases and examples of failure
  • Assessing cyber exposure
  • Mitigating cyber risk
  • Insurance and other mitigation


Session 4:  Information Security 

  • What is key data?
  • How is this impacted by cybersecurity?
  • Data requiring protection
  • Information security program
  • Security policies, standards and guidelines
  • Impact of cybersecurity on information security


Session 5:  Threat Analysis 

  • Current cybersecurity threats
  • Heightened risk – Joint guidance
  • Risks of Denial of Service (DDoS) – FDIC guidance
  • Security risks of VOIP  – FDIC guidance
  • Pharming attacks and phishing
  • Keeping ahead of the malicious agents
  • Wireless technology risks
  • Risks in the cloud
  • Vulnerability assessment
  • Collection of data
  • Risk appetite, risk acceptance and cybersecurity
  • Mitigation and anticipation


Session 6:  The Impact of Changing Work Patterns on Cybersecurity

  •  How are work patterns changing as a consequence of the crisis?
  • Are these changes likely to be permanent?
  • What does this mean for cybersecurity?
  • How does this change the risk assessment?
  • Impact on data security
  • Impact on business continuity planning
  • Impact on productivity


Session 7:  Cyber Risk Assessment

  • The assessment process
  • Threat metrics
  • Threat models
  • Threat matrix
  • Denial of service attacks (DOS)
  • Attack vendors
  • Attack trees


Session 8:  The Cybersecurity Program

  • The key elements
    • Framework
    • Charter
    • Policies
    • Process
    • Measurement
  • Corporate governance
  • Identity and access management
  • The 3 lines model and cybersecurity
  • Due care considerations
  • Due diligence
  • Forward looking identifiers
  • Benchmarking
  • Incident management plan
  • Enterprise security architecture
  • Ethical hacking
  • Other matters 

Case Study:  Creating forward looking identifiers – what matters?


Session 9:  Investigating Cybersecurity Incidents 

  • Regulatory guidance
  • Actions to be taken
  • Governance and management
  • Operational resilience requirements
  • Identifying information
  • Tracking activity
  • Data mining
  • Reporting and tracking
Learning Objectives

Delegates will gain specialist technical and behavioural knowledge,  techniques and skills, experience ‘on-the-job-style’ training in group discussion and developing audit programs in the classroom for immediate application in the workplace in practise with a focus on:

  • The nature of cyber security and who conducts it
  • Assessing cyber security and alignment to risk management
  • Threat and vulnerability assessment
  • The role of insurance
  • The cyber security program
  • Incident management
Social Learning & Methods

Highly interactive expert-led intensive presentation, Q&A, group real-time in-depth case studies, regulation and discussion supported by key principles and theory. The virtual learning platform uses safe, industry preferred software to optimize live face-to-face visual interaction, discrete chat, for polling and quizzes.

(An invitation via email with access link is included for all participants.)


NEW Understanding Cyber Exposure in Banks and Financial Institutions

Course Fee

Course Fee (per person):
GBP £2,995.00 (+ UK VAT when applicable)

Number of delegates:

Data Privacy & Update of Contact Details Risk Reward Limited is fully compliant with the Data Protection Act. The information you provide will be safeguarded by Risk Reward Ltd. We do not rent, sell or exchange your details to anyone without your consent. Your details are never given to third parties. If you wish to update your details, please email: with your OLD and NEW details. Please allow 10 days to see the changes take effect. Thank you.

Terms and Conditions: You can cancel at any time. Due to the on-going COVID 19 environment cancellations may be made at any time for either a full refund or a credit towards another event occurring within the following 6 month period. Simply email or telephone the London Client Services team at to advise your preference and we will do our best to accommodate your circumstances. Risk Reward Ltd receives the right to a final decision in the event of a dispute.

All Risk Reward public courses are guaranteed to run although those offered by affiliates are subject to demand
SKU: TEMPLATE-20 Categories: ,

Quick Contact

    Get in touch and see how Risk Reward can help you

    Our London team are ready to answer questions, provide information & choices to help make your public seminar booking in a prompt, professional & friendly manner.

    Get in touch and see how Risk Reward can help you

    Our London team is ready to listen carefully to your needs, take the brief, explore options, offer suggestions and help you in a professional and friendly manner.