Cyber security risk management workshop for financial institutions

IT Governance and Risk Consulting Ltd. (ITGRC), a pioneering information security and training company, has announced a Cybersecurity Risk Management Workshop on 15 November.

This workshop will be held at Hotel Renuka, Colpetty, and it focuses on risk professionals in Banking and Financial Service Sector Institutions (BFSIs), which are the primary target of cybercriminals.

ITGRC’s Director/CEO Thilak Pathirage stated: “This Cybersecurity Risk Management Workshop is timely planned for the benefits of risk professionals enabling them to learn and share the essential knowledge of cybersecurity risk management strategies and framework best practices such as NIST, FFIEC, COBIT5 and ISO27001, etc. In the midst of several approaches available in developing and implementing Cybersecurity risk management strategies, the participants shall learn how to integrate their efforts in developing cyber security risk management program within the scope of integrated risk management frameworks in banks.

“This will be a novel learning experience for the risk professionals those who are responsible for managing cybersecurity risk for which every bank is exposed either big or small. The Board is responsible to adapt proactive risk management programs in all the banks and financial organisations and their fiduciary responsibility is crucial when it comes to cybersecurity risks. No organisation can adopt a black swan approach as the next immediate target would be your bank which will cost not only tremendous recovery efforts but also huge reputational risk and legal ramifications resulting loss of customers. The unique value of this workshop is the practical approach adapted in planning and implementing cybersecurity risk management programs at the enterprise level instead of creating panic and fear in the mindset of the audience. They will also learn the recent development of cyber laws and regulations in the country which will be helpful in understanding the legal safeguards available in managing cyber risk.”

He further stated: “Cybersecurity is not information security and there can be only two types of enterprises in this world, either ones that have been hacked already or that will be hacked in near future. These challenges demand corporate leaders to re-think of cybersecurity risk seriously and adapt proactive approach in developing risk base cybersecurity risk management programs and road maps.”

The workshop is timely given the two recent major banks heist in neighbouring countries, Bangladesh and Taiwan, which gave an alarm for the Sri Lankan BFSI sector to be prepared. 

The workshop will be addressed by key cybersecurity industry leaders including Digital Law Specialist Jayantha Fernando, Dr. Kasun De Zoysa, Senior Cybersecurity Consultant and lecturer at UCSC, Roshan Chandraguptha, Principal Information Security Engineer Sri Lanka CERT, Thilak Pathirage, Senior Information and Cybersecurity Consultant and Director/CEO ITGRC Ltd., and Damith Pathirage, Cybersecurity specialist.