CyberPrism was designed and developed, and is supported, by the world's leading cyber risk experts at CRI (Cyber Risk International).
CRI provides cyber risk management, incident handling and compliance services. Our team of highly experienced experts is here to support you and the development of your cyber security program.
Your business reputation is hard won and easily lost. We help you protect it. CRI is an award-winning, innovative cyber risk advisory, incident management and managed service provider, founded and led by, and comprised of, experienced cyber risk experts and other high-calibre professionals.
We deliver cyber risk advisory, incident handling and managed services to help our clients identify, mitigate and manage cyber risks. We are specialists in our field, providing business-enabling advice to some of the world’s largest companies.
We work from the top down in organisations, enabling the C-Suite to understand and strategically govern cyber risk. The DNA of our firm is pure “cyber”; that is all we do. We work as advisors for our clients and deliver our service portfolio in four distinct phases.
- CBI Cyber Compliance Gap Analysis
- Full Cyber Risk Assessment
- Technical Security Assessments
- Vendor/Third Party Cyber Security Audits
- Capability Assessment e.g. Incident Response
- Develop CISO Management Framework
- Strategic Maturity Roadmap
- International Standards Implementation
- Create Cyber Incident Response Capability
- Interim CISO
- Mentor Security Teams
- Manage Security Projects
- Develop Cyber Incident Response Capability
- CR2 Managed Security - SOC
- Board Advisory
- Mentoring Security Teams
- CyberPrism-MS Cyber Risk Management Service
- Cyber999 - Cyber Incident Response and Forensics
FCAP - FINSEC CYBER ASSESSMENT PROFESSIONAL
25th - 26th January 2018
The two-day boot-camp-style course will train delegates on how to perform a cyber assessment on a financial service organisation of any size, complexity or type.
CRI have developed a training syllabus specifically to meet the challenge of performing a cyber assessment on a FinSec entity.
Overview: This two-day boot-camp-style course has been specifically developed to train delegates on how to perform a non-technical cyber assessment on a financial institution in line with regulatory cyber compliance requirements.
Objective: This course is delivered by highly experienced financial service experts on cyber regulatory compliance. The objective of the course is to furnish the delegates with the knowledge they require so that they can perform a non-technical cyber assessment upon their own organisations, gather the appropriate artefacts and produce the essential level of reporting and assurance for the regulator.
Delegates will also learn how to understand, assess and gain assurance from vendors and partners on third party cyber risk and compliance levels.
Typical Delegates Include:
- Security Professionals
- Compliance personnel
- Risk Managers
- Information Officers
- IT professionals
For further information please contact us on the details below.
Tel: 01 9053260
Why Perform a Cyber Assessment?
- Assume Breach
- Assets and Impacts
- Natural Threats
- Cyber Adversarial Risk
Cyber Security Fundamental Requirements
- Security v Risk Management v Compliance
- Cyber Security Strategy and Framework
- Risk and Control Assessment
- Information Sharing
- Continuous Learning
- Additional Localised Cross Industry Requirements
Scoping and Planning The Assessment
- Understanding Your Cyber DNA
- Converged Security – Holistic Approach
- Business Strategy
- Identifying Assets
- Key Stakeholders
- Internal Audit
- Third Parties
- Key Business Processes
- People, Processes, Technology
- GRC Requirements
- Industry Compliance Requirements
- Evidence Required
- Fieldwork and Documentation
- Issue Discovery and Validation
- Leveraging RegTech
Starting The Audit
- Dealing with management, techies and users
- Understanding culture and policy
- Logical and physical
- Assurance and validation
Inherent Risk Assessment
- Assessing Your Cyber DNA
- Organisational Characteristics
- Delivery Channels
- Online/Mobile Technology Products and Services
- External Threats
- Technologies and Connection Types
Cyber Maturity Assessment
- Relationship between Inherent Risk and Cyber Maturity
- Cyber Risk Management and Oversight
- Threat Intelligence and Collaboration
- Cyber Security Controls
- External Dependency Management
- Cyber Incident Management and Resilience
Preparing a Cyber Assessment Report
- Regulator Report Requirements
- Board Level Briefings
- Communicating Results
- Executive Summary
- Cyber Inherent Risk Status
- Cyber Maturity Status
- Roadmap to Maturity
- Cross Map to International Standards and Framework
- Evidence Collected
Developing a Framework and Strategy
- Develop a Roadmap to Maturity
- Collect Evidence
- Collaborate and Leverage
- Prove it
- Continual Assessment
- Measuring Improvement
- Next Steps
Spencer Hotel Dublin City, Excise Walk, IFSC, Dublin 1
Paul C Dwyer
Paul C Dwyer is recognised as one of the world’s foremost experts on cyber security, risk and privacy. As CEO of Cyber Risk International he specialises in corporate and enterprise security, development of cyber defence programs, and business operations protection for CRI clients.
He has responsibility for the protection of trillions of euros in global money movement and critical infrastructure technologies that protect hundreds of thousands of companies’ and governments’ interests in more than 100 countries.
He has been certified as an industry professional by the International Information Security Certification Consortium (ISC2) and the Information System Audit and Control Association (ISACA) and selected for the IT Governance Expert Panel. He is approved by the National Crime Faculty and the HTCN (High Tech Crime Network).
Paul has worked extensively around the world and his diverse career spans more than 25 years working with military, law enforcement, and the commercial sector.
Cyber Risk International
International Cyber Threat Task Force
David is Cyber Risk International’s Director of Client Services. He has worked as a security advisor for over 12 years specialising in the areas of data protection and ISO 27001. David joined the Cyber Risk International team having built up his own information security practice with an enviable client base over 5 years. He is responsible for achieving confidence and providing assurance of compliance to clients who have obligations under the Data Protection Act 1988, 2003, and financial regulation including the Credit Union and Co-Operation with Overseas Regulators Act 2012.
David’s expertise is fully demonstrated in his management of complex data protection and compliance programs including audit, risk assessment, awareness training, incident management, certification and standards (ISO 27001, PCI DSS, COBIT, ITIL) and business continuity and disaster recovery. A certified ISO 27001 Lead Auditor by the British Standards Institution, David has a wealth of experience working with and providing advice to clients in the financial, technology and pharmaceutical sectors. His record in assisting clients to achieve International Security Certification (ISO 27001) is unsurpassed.