Building Resilience through Emotional Intelligence

Dates:  11 June 2019
Venue: Securities Commission Malaysia
Accreditation: SIDC CPE Eligible

Cyber risk has remained the top 10 challenges facing financial institutions and many organisations. Cyber attackers are quick to adapt and getting more resourceful, as shown by frequency and variety of threats. Risks such as operational, credit and liquidity are easier to model, quantify or hedge, but cyber risk involves many unknowns internally and externally.
The consequences of an attack is almost usually departments in disarray and ongoing tangible and intangible costs incurred. There would be an immediate need to prioritise actions and decisions based on classifying the incident in terms of impact and urgency. Then there is reputational damage, which may affect the company’s response, as public perception needs managing at the same time.
Financial institutions and organisations alike should build their resilience because attackers themselves are resilient. They are able to evolve rapidly to come up with new ways to attack. Companies need to build controls to detect where internal and external issues may occur. They need to monitor, catch or prevent attackers in the process.
The programme builds on the intermediate to advanced level knowledge of cyber security management to equip participants with the know-how in managing cyber security risk in an organisation. This is not limited to technical measures and controls but also takes into account the people, processes, governance and culture in your organisation.

  • Programme Delivery

    Programme Objective

    Participants will be able to implement a cyber-resilience programme for their organisation by assessing the issues and challenges.

    Learning Outcomes

    By the end of this programme, participants will be able to:
    • identify the challenges facing organisations in managing cyber risk
    • recognise standards and best practices in cyber security
    • describe the need to develop controls to identify internal and external issues
    • assess organisational readiness through the analysis of the main cyber risks
    • recommend the steps and processes in developing an cyber resilience programme

    Target Audience

    Employees who require cyber security knowledge, Directors (CEO, CIO, CSO), risk managers, IT security managers, IT risk managers, IT managers, security analysts,
    PLCs, SMEs, legal firms, consultancy firms, accounting firms, fund management companies, stockbroking firms, investment banks, risk management and solutions providers

    Technical Skills - Digital Technology Application
  • Programme Outline

    8.30 am Registration
    9.00 am
    The Cyber Risk Challenge
    • The nature of cyber risk and types of cyber attack
    • Cyber security vs. cyber resilience
    • Lessons learnt– Cyber breaches in Malaysia
    • Current cyber security standards and best practices
    10.45 am Coffee Break
    11.00 am Protecting the Business and their Customer
    • Most vulnerable point of entry – The human element
    • Building controls – Detecting internal and external issues
    • Monitor, catch or prevent attacks – Analysing processes
    • Keeping tabs on internal gaps - Employee profiling, behaviour-based analytics, social media behaviours
    1.00 pm Lunch Break
    2.00 pm Pillars of Cyber Resilience
    • Multi-dimensionality of Cyber Risks – Focusing on 3 main risks 
    • Risk 1 - IT/technology Risks
      • Conducting systems and data surveillance
      • Penetration testing
      • Integration of tech risk management programme with operational risk efforts
    • Risk 2 - Operational Risks
      • Defining operational risk appetite
      • Controls to detect or prevent cyber attack
      • End-to-end framework
    • Risk 3 - Fraud and Financial Crime
      • Industry sharing of attack data – improve detection and response
      • Ability of surveillance programme to monitor anomalies inside the institution
      • Can your business processes spot criminal activities?
    3.30 pm Coffee Break
    3.45 pm Building Blocks of a Cyber Resilience Programme
    • Assessing needs and capabilities
    • A multi-disciplinary approach (legal, policy, technical, organizational, educational)
    • Communication and information sharing
    • Putting the strategy into action (roles & responsibilities, accountability, authority, budget, implementation plan, measuring progress and success, periodic reporting)
    • Function-based instead of asset-based
    • Catering to changes – Cyber resilience is a long-term project
    5.00 pm End of Programme
  • Programme Fees

    Normal Price
    RM 950