Cyber Risk Management London
We are bringing our cyber risk course to London for the second time to provide delegates with best practice strategies for ownership of cyber risk management and business wide implications such as third party vendor risk and operational resilience.<br />
This Cyber Risk Management course is designed for anyone who is working in, or interacts with cyber risk in financial services.
Sessions will cover where cyber risk fits into overall risk strategy and works together with operational risk, how to design, implement and manage a cyber risk program, third party vendor risk and incident management amongst others. Held under Chatham House rule, this training provides delegates access to a collaborative and open learning environment.
How cyber risk fits into risk management and how to develop risk appetite limits for security risk
Best practice approaches to integrating risk and IT
How to obtain, manage and utilise risk analytics and data
The various options available for modelling cyber risk
The relationship between cyber risk and human behaviour and how to explore people controls
Incident management and business continuity planning from an insurance perspective
Cyber Risk in Risk Management and Governance
Integrating Cyber Risk and IT
Designing, Implementing and Managing a Cyber Risk Programme
Risk Analytics and Data
Modelling Cyber Risk
Third Party Vendor Risk
Relationship between Cyber Risk and Human Behaviour
Incident Management and Business Continuity Planning – Insurance Perspective
Former Head of Information Security, Bank of Ireland
• Former Head of Information Security, Bank of Ireland
• Founder, OutThink
• Security Behaviour Practitioner, Research Institute in Science of Cyber Security (RISCS)
As Head of Information Security of Bank of Ireland, Flavius was responsible for all aspects of information security risk and compliance as well as managing the information security improvement programme. Having successfully built security culture and behavioural change programmes from the ground up Flavius brings an often opinionated and forward thinking view of assessing and managing human risk, but is able to do so with humour and pragmatism (mostly). An international public speaker Flavius contributes to a number of industry forums and events, openly sharing knowledge and best practice.
Flavius is also the Founder of OutThink and Research Institute in Science of Cyber Security (RISCS) Practitioner. The primary objective of the Institute is to develop novel, innovative social-science and socio-cultural techniques for cyber security.
Maarten van Wieren Ph.D
Managing Director, Cyber Risk
Maarten has been working in risk management for over 10 years, trained in financial risk management for a multinational life insurer as well as for the big-four. Over the last four years, he worked with the World Economic Forum to internationally develop the field cyber risk quantification and cyber risk management. At Aon Netherlands, he leads the Cyber Solutions Group and is responsible for serving Aon clients with state of the art solutions ranging from cyber risk management implementation to cyber insurance underwriting. Maarten holds a PhD in theoretical physics and is specialized in complex systems.
Independent Cyber Security and Risk Management Consultant
Steve is an independent Cyber Security and Risk Management Consultant specialising in the provision of risk services to clients across the enterprise, with specialism in information security environments.
Steve holds an MSc in Information Security, having graduated with distinction from Royal Holloway, University of London in 2006. He is a Certified Information Systems Security Professional, a Certified Information Security Manager, Certified in Risk and Information System Controls, a Member of the Institute of Information Security Professionals, a Member of the British Computer Society and a Chartered IT Practitioner.
Prior to establishing his own company in 2016, Steve was a Senior Manager in Ernst & Young’s IT Risk Advisory practice, following a successful career in the pharmaceutical industry where his roles included Risk Management Service Management, Enterprise Architecture, and Information Security. Since 2016 Steve has been continuously employed in the Financial Services sector, providing first and second line oversight to cybersecurity transformation and major risk programmes for a mutual insurance society and a major high-street bank.
Head of Cyber Risk & Chairperson
Artemis Funds Management & Women's Security Society Board
Vicki Gavin is recognized as an expert in cyber security. She was Cyber Security Woman of the Year and Security Serious Unsung Hero Awards, Marathon (Wo)man. She has been an invited speaker at an array of industry conferences including Info Crime Summit, InfoSec Europe and Enterprise IT Security Conference and is Chairperson of the Women's Security Society Board (2016 - Present). Currently she is Head of Cyber Risk at Artemis Fund Management. Previously she was Data Protection Officer and Head of Information Security at the Northview Group responsible for managing both privacy and security risk. She joined Northview from The Economist Group where she was Compliance Director, Head of Business Continuity, Information Security and Data Privacy establishing the firm’s cyber security and compliance programmes. Prior to this she was Head of Business Continuity and Business Risk at Barclaycard, Head of Recovery Planning & Crisis Management at Barclays Bank, and held various positions at Dresdner Kleinwort Wasserstein after emigrating from Canada. Vicki is MBCI and CRISC Certified, holds a BSc in Physics and a postgraduate Diploma in Teaching Adults.
Director of Risk Analysis and Insights
Courtenay Brammar is Director of Risk Analysis and Insights at CyberSecurityCaseStudies.com and is an experienced global enterprise and cyber risk professional. She previously led Morgan Stanley’s global operations’ risk assessment programme and prior to that was a key member of Deloitte’s Risk and Regulation consulting practice. Extensive experience of corporate governance considerations often bridging between technology teams, executive management and regulators. Since 2014 Courtenay has been researching cyber security events facilitated by a purpose-built technology platform, providing actionable advice and insights on the subject to clients across traditional finance, fintech and NGOs.
Paul De Luca
Risk Architecture Director, Enterprise Risk Management
Paul is significantly experienced in all aspects of information security risk and assurance. He started building networks from the ground up in the mid 1980s, designed and secured Internet banking platforms in the 1990s and worked on chip card cryptanalysis. He has spent many years improving risk management across financial services, commerce, manufacturing, and domestic and foreign government.
Paul is recognised as being at the leading edge of this subject and implements solutions which focus effort where it has greatest effect. His work has been included as a case study in the Information Security Forum's recent report on quantitative techniques and is contributing to Douglas Hubbard's latest book on the failure of risk management (due to be published in 2019).
Head of IT Risk & Governance
Lloyds Banking Group
Ameet began his career in Financial Services in 1998 and has held a number of risk and compliance roles since. He settled in the world of Information Security and Technology Risk in 2007 when he joined Aviva, running several global security projects. In 2015 he joined Direct Line Insurance Group where he was the Head of IT and Cyber risk in the first line, leading several risk transformation initiatives. At the start of 2019 he joined Lloyds Banking Group as the Head of IT Risk and Governance in the second line.
Sessions include model risk, data management and gaining business value from stress testing
This training programme will provide delegates with a new or improved understanding of operational risk management, providing case studies and knowledge from a wide range of speakers from different companies and industries. Sessions will cover; governing and implementing an op risk framework, risk a