Cyber Security (for ARMs)
About This Course
This 4-hour course provides a comprehensive understanding of the generic enterprise and cyber risk management practices and specific cyber risk concepts commonly deployed in the financial industry to enhance the overall cyber security and risk management. The complexity of today’s connected digital environment is exposing organizations to numerous technology and cyber threats that could lead to substantial data and financial losses as well as reputational damages.
Designed for professionals responsible for business activities exposed to technology and cyber risks, this programme focuses on the practical considerations in the design, adoption and implementation of systems and processes for optimal cybersecurity and technology risk (TR) management, aligned to global cybersecurity best practices, including MAS TR and Cyber Hygiene guidelines, covering the key technology and cyber risk management concepts and best practice implementation approaches, including its management and applications to IT and cyber risks. It will also go beyond that and address the practical usage of that knowledge; with case studies and examples.
Who Should Attend
- Assistant Relationship Managers in Private Banking
- Operations functions in Private Banking
- Covered persons under Private Banking Code of Conduct who may be interested
- Identify potential risks and threats associated with cybersecurity, such as viruses, hacking, and identity theft
- Protect personal and business information from cybersecurity threats
- Follow cybersecurity policies and procedures in own area of work
- Explain cybersecurity practices to customers and/or stakeholders
- Take appropriate actions as required during cybersecurity breaches
- Identify relevant channels in the organisation to report and initiate corrective actions
About IBF Certification
This course addresses the following Technical Skills and Competencies (TSCs) and Proficiency Level (PL):
- C1. Cybersecurity - Level 3
Participants are encouraged to access the IBF MySkills Portfolio to track their training progress and skills acquisition against the Skills Framework for Financial Services. You can apply for IBF Certification after fulfilling the required number of Technical Skills and Competencies (TSCs) for the selected job role.
Find out more about IBF certification and the application process on https://www.ibf.org.sg/certification/Pages/Why-be-Certified.aspx
Cybersecurity threats and risks
- Motivation and drivers of cybercrimes
- Cyber universe of Attack Surface and evolution
- Risk identification - common cyber threats like viruses, hacking and identity theft
- Emerging cyber threats and risks
Organisation’s cybersecurity policies and procedures
- Foundational aspect – data governance, hierarchy, breach and loss data incidence management
- Cyber risk management framework and processes, implementation and compliance
- Understanding of causes of data leakage and losses
- Training and education
Areas prone to cybersecurity threats
- Cyber threat landscape
- Mission critical assets
- Data security
- Application security
- Endpoint security
- Network security
- Perimeter security
Best practices to safeguard against threats
- Establish cyber governance structure
- Produce cybersecurity policies and procedures
- Maintain board’s and senior management’s engagement with cyber risk
- Enhance user education and awareness incl. for clients
- Comply with cyber risk management framework and principles
- Forward looking scenario analysis with breach and simulation testing (ethical hacking and penetration)
Cybersecurity regulations and compliance requirements
- Adopt best practices from NIST guidelines and standards, MAS TRM, 3rd Party and Cyber Hygiene guidelines
- Periodic independent cyber risk model validation and review and assessment
- Scenario analysis and dry runs readiness and response testing
Relevant channels and responsible stakeholders for cybersecurity reporting procedures
- Conform to Cyber and Operational GRC / ERM framework organizational reporting hierarchy and process based on COSO, ISO 31000 standards for information and communication sharing and reporting
- Dynamic dashboard information access to key stakeholders, including Board, senior management, Divisional and BU Heads
Concluding Remarks, Q&A and Summary of Key Points
Assessment - MCQ
Dr Khoo Guan Seng
PhD in Computational Physics (NUS)
GS Khoo has over 30 years of AI, data-mining, management and startup global work-experience, focusing on risk and hedge fund analytics. He joined CAI in Feb 2016, after relocating back from Canada, where he was the Head of ERM with one of the largest Canadian pension fund managers, AIMCo, which he joined in 2011.
Prior to AIMCo, He was with Temasek Holdings, which he joined in 2009 from Standard Chartered Bank, where he was the Global Head/MD, Group Risk Analytics, heading the global team performing all global risk models validation for Basel & BIPRU compliance, and liaised with all the financial regulators in Europe, Asia, Africa and the Middle East, including the FSA (UK), the FSS (Korea), CBRC, HKMA and MAS (Singapore). At Temasek Holdings, he focused on developing novel investment performance and portfolio risk management metrics, applicable across the whole spectrum of investment asset classes and horizons.
In his other previous roles, he designed and managed an algorithmic hedge fund at Man Investment Products (Man Group plc.) in the 90s, was Head of Innovation (Strategy & Business Devt.) at the Singapore Exchange, was Group Chief Risk Officer at a SE Asian conglomerate (RHB Capital, Malaysia) and was based in Chicago and Denver in 2001-02 at American Bourses Corp (ABC, spun off from the Man Group), providing AI-based investment and trading analytics to clients trading on the ECNs in N America and in the Asia-Pacific. At ABC, he managed the launch and production of the financial portals of SPH, asiaonemarkets.com and zaobaofinance. com in 2000.
He also provided advisory services to the regulators, family offices, research institutes, global and Asian banks in the Asia-Pacific region on data-mining, ERM, Basel 2 and 3. In addition, he has also advised startup and IT companies in S’pore, Silicon Valley and Vancouver, B.C in BigData, FinTech, and Energy Farming using renewable energy.
GS Khoo holds a PhD in Physics, and has done post-doctoral work at Nagoya University, MSI’s (Molecular Simulations Inc.) research centers at Caltech (Pasadena, California), Boston and at Teijin-MSI in Tokyo, Japan on AI-based data mining and computer-aided drug design. He also speaks regularly at international banking conferences and published articles relating to holistic ecosystem enterprise risk management, AI, operational resiliency, ESG investing and sovereign investing, and published over 30 journal papers on financial engineering, artificial intelligence (AI) applications in financial markets, environmental and materials science.
He is a Board Adviser of the Global-SWF Corporation, Singapore Economic Forum, an affiliate organization of the Paris-based ESG Summit G7 Pension and World Pension Council.
Kenneth has more than 27 years of financial services industry experience in APAC. He started his banking career with Barclays Bank Singapore in 1993 and he was promoted to the role of Regional Senior IT operations manager managing a team of 6 computer operators to ensure the smooth operations of the entire wholesales banking systems, private banking, trading and settlement applications in adherence to the SLAs. His responsibility also included regional application support and regular operational recommendation to the management to meet regulatory and audit compliance. His key accomplishment was the regionalization of the entire IT operations covering core banking, SWIFT, trading, confirmation matching and NOSTRO reconciliation system in Singapore to support Tokyo, Australia and Hong Kong business. He has also been invited to conduct SWIFT operations training for overseas financial institutions in Singapore.
After Barclays, Kenneth worked for several global banking software vendors (eg. Fiserv, Misys, Fair Issac, Wincor Nixdorf etc) as well as system integrators (eg. NCS, Fujitsu, Virtusa etc) in senior roles like Head of Solution Consulting, General Manager (Solutions), FSI Practice Director, Senior Director (Solution development) servicing the FSI customers in APAC. Hence, he has more than 20 years of banking applications, solutioning and architecting experience. Kenneth is knowledgeable on the banking process and practice across Consumer, Wholesale, Private banking as well as Capital market in the APAC market. Being a FSI practitioner, he constantly keeps himself updated on banking industry trends, banking software development trends and cyber security trends as well as he is familiar with the Fintech/Regtech/Insurtech ecosystem. He often represented NCS as an industry speaker in various industry events. He is also a registered mentor volunteered under Polyfintech 100 in Singapore.
In his regional capacity working for Misys, Fiserv, Wincor Nixdorf & Fair Issac, Kenneth also conducted regular banking solution and product training for customers and partners in APAC region. (1998 – 2008) In NCS & Sun Microsystems as FSI Practice Director and Industry Solution Specialist (2018 – 2019), he also regularly conducted internal training to equip the technical and consulting resources with banking domain knowledge prior to their project deployment and customer engagement.
Kenneth holds a Bachelor Degree in Business Administration by University of West London as well as a Graduate Diploma in Marketing issued by The Chartered Institute of Marketing, UK. He also holds a Diploma in electronics and communication by Singapore Polytechnic.
This programme has been accredited under the IBF Standards, and is eligible for funding under the IBF Standards Training Scheme (IBF-STS), subject to all eligibility criteria being met. Candidates are advised to assess the suitability of the programme and its relevance to participants’ business activities or job roles.
For latest development on the Enhanced Funding Support for IBF-STS, please visit the IBF Standards Training Scheme site.
About the IBF Standards
The IBF Standards are a set of competency standards for financial skills. These Standards are developed in partnership with industry leaders and provide a professional development and skills roadmap for financial sector practitioners to excel in their respective job roles. They currently cover 12 industry segments in the financial sector.
About the Institute of Banking and Finance Singapore
The Institute of Banking and Finance Singapore (IBF) is the national accreditation and certification agency for financial industry competency in Singapore under the IBF Standards. Find out more on www.ibf.org.sg
Early Bird Discount
Enjoy 10% early bird discount when you register one (1) month before the course commencement date.