The Cyber Risk course will be updated to reflect changes in the environment. The course will start with an overview about the state of play and recent notable developments, followed by a stock-take of the cyber landscape; then several core topics will be explored. Whilst supervision will remain the basis of the course, in the light of DORA, the course will be more hands on and interactive, with actual case studies on each core topic.
For each of the topics covered by the course, the sessions will be based on a case study that integrates the subject matter with an actual review of a fictitious financial entity (or financial group). For example, we will set out a financial entity/group and its operating model at the start of the course. Thereafter, for each session, we will set out a case related to that entity/group – e.g. supervision session will result in the participants developing an onsite inspection scope, agenda, test plan and we will conduct an actual onsite inspection interview. This will combine theory with actual practice all the way through the course. A cyber simulation exercise will be also integrated into the course, where participants will be split into teams and they will play different roles in the overall simulation. The simulation exercise will take a wider perspective to look at interdependencies and contagion effects across the financial system.
Strategy
Regulation
Supervision
Incident reporting
Information sharing
Testing and exercising
Third-party risk management
Systemic cyber risk
New technologies
Understand sources of cyber risk
Understand cyber risk management principles
Understand frameworks for cyber testing
Compare different approaches to cyber resilience
Identify, within different approaches, main principles for the management of cyber risks and cyber incidents
Analyse and critically assess different approaches and rules on cyber risk management
Important notice:
This advanced training week has a regulatory focus, i.e., it does not cover cyber risk from an advanced technical perspective. The course is addressed to officers having a basic knowledge/experience who want to improve their understanding of cyber risk management.
Essential: Adequate experience in financial sector regulation and supervision.
Essential: Basic knowledge/experience of cyber risk management.
We use cookies to help personalise content and provide a better experience. By clicking Accept all, you agree to this, as outlined in our Cookie Policy. To change preferences or withdraw consent, please update your Cookie Preferences.
