Séance d'information : Qualified Cybersecurity Professional in Finance

We kindly ask you to study the pre-course material (available on your profile MYFA) before the start of the trajectory – some of them are a must-read, others are optional to read. They have been carefully selected to introduce the class workshops and to support in-depth discussions with fellow participants.

The training course accommodates a diverse range of participants, catering to specific needs and roles within various industries.

The course can be followed by various target groups:

• Finance professionals: already engaged in the finance sector, including financial analysts, managers, and executives, seeking to enhance their understanding of cybersecurity specific to financial environments
  

• Process & Business analysts
  

• Business managers in insurance companies or financial institutions
  

• Product managers
  

• Risk Managers
  

• Compliance Officers
  

• FinTech

Our programme “Qualified Cybersecurity Professional in Finance” is your gateway to mastering the intricate and critical domain where finance and technology intersect. In an era where financial institutions are prime targets for cyber threats, this specialized training is designed to empower professionals with the skills necessary to protect and secure the financial landscape.

In this unique collaboration, House of Training, ABBL, Febelfin Academy partners with Solvay Lifelong Learning, to deliver a programme tailored to the specific challenges and intricacies of cybersecurity in finance. The course brings together the regulatory insights and industry-specific expertise of ABBL/Febelfin Academy with Solvay's cutting-edge academic approach, ensuring participants gain a comprehensive understanding of cybersecurity in the financial domain.

This session provides all the necessary information for candidates wishing to follow the certified training “Qualified Cybersecurity Professional in Finance".

The objectives of the course are to:

• provide participants with the essential skills and knowledge required to navigate the complex landscape of cybersecurity within the financial sector
  

• tackle specific challenges faced by financial institutions, focusing on risk management, compliance strategies, and the protection of sensitive financial data
  

• foster an understanding of regulatory frameworks governing cybersecurity in finance, ensuring participants can align security measures with industry standards
  

• empower participants to analyse and respond to emerging cyber threats, incorporating threat intelligence into their cybersecurity strategies
  

• cultivate leaders in the field by fostering a strategic understanding of cybersecurity, enabling participants to proactively safeguard financial systems and contribute to the industry's resilience

Curriculum: The body of knowledge is aligned with the Executive Master in Cybersecurity management lectured at Solvay Lifelong Learning (solvay.edu/cybersecurity). It is based on material compiled by Professor Georges Ataya, as well as on general publications related to cybersecurity. The education is structured into four modules.

Module 1: Introduction to Cybersecurity Fundamentals (duration 1 day 6h classroom)
Lecturers: Pr. Georges ATAYA & Steve Purser

Guest speakers: Atefeh Maleki, Head of Information Security Department, Nomura Bank Luxembourg S.A.

Objective: This module aims to equip participants with a comprehensive understanding of cybersecurity principles, covering fundamentals, governance, risk, and compliance. It focuses on confidentiality, integrity, and authentication processes, emphasizing the protection of sensitive information and adherence to predefined policies. The curriculum includes in-depth risk management practices, guiding participants in identifying and mitigating cybersecurity risks effectively. Additionally, it addresses compliance and legislation, stressing the importance of adhering to industry standards. By the module's conclusion, participants will have a solid foundation to explore and specialize in cybersecurity confidently.

Module 2: Cybersecurity Battleground: Threats, Vulnerabilities and Technologies (duration 1 day 6h classroom)
Lecturers: Pr. Georges ATAYA & Steve Purser

Guest speakers:  Antoine Meyers - CISO - BGL BNP Paribas

Objective: In this module we will comprehensively address cybersecurity management by integrating key capacities such as Identification, Protection, Detection, Response, and Recovery techniques. The curriculum presents current threats, vulnerabilities, security controls, and technologies, offering insights into the threat landscape. It emphasizes the connection between cybersecurity and information security practices, aligning frameworks with business needs and risks. The course delves into existing frameworks, risk analysis, management buy-in, solution search, alignment with risk appetite, implementation, and follow-up. Decision-making tools for adverse conditions and seemingly hostile environments are provided to participants. Additionally, a specific financial sector workshop is included, focusing on the identification of threats and vulnerabilities related to business functions, risk practices, and the determination of a robust mitigation model.

Module 3: Incident Response by security controls and operations  (duration 1 day 6h classroom)
Lecturers: Pr. Georges ATAYA & Steve Purser

Guest speakers: Nicolas Bomont - IT Infrastructure Manager - Victor Buck Services

Objective: This module covers context analysis, scope definition, threat modelling, security controls, and solution space identification. Emphasizing a holistic approach, it explores trade-offs from technological, human, and procedural perspectives. The significance of kill-chain analysis in threat modelling is highlighted for focus, cohesion, and business case development. Operational planning tools and frameworks introduce defence theory, mental models for understanding adversaries, telemetry, attack detection, incident response, crisis communication, and continuous improvement assessment tools. In summary, the module provides a comprehensive guide to navigating security controls and incident response in operations.

Module 4 : Cybersecurity -Governance Management -Leadership (duration 1 day 6h classroom)
Lecturers: Pr. Georges ATAYA & Steve Purser

Guest speakers: Lars WEBER, Vice President & Head of Business Unit, Non-Financial Risk Management, Information Security Officer, BCEE

Objective: During this course, we will provide you with a thorough understanding of cybersecurity management, focusing on roles and responsibilities in crafting and executing a robust strategy. It emphasizes aligning strategic components with organizational goals and adapting to evolving threats, covering vital areas like supply chain considerations, the three lines of defence, and the seven components of maturity. The module explores effective governance practices, including frameworks and policies, fostering a well-structured and accountable governance framework. Communication is highlighted as crucial for successful cybersecurity governance, empowering participants to convey policies, incidents, and strategies to diverse stakeholders, promoting cybersecurity awareness. Ultimately, participants gain the knowledge and skills needed to develop a comprehensive cybersecurity strategy, implement effective governance, and enhance communication within their organizations.