Cyber resilience – from threats, vulnerabilities and incidents to building capabilities, testing and effective management

Date: September 12 – 14, 2023
Time: 9am-12pm (EDT) | 2pm-5pm (BST) | 3pm-6pm (CET) | 9pm-12am (SGT)
Location: Virtual

Raymond Kleijmeer

Senior officer

Central Bank of the Netherlands

Raymond Kleijmeer works at De Nederlandsche Bank as senior officer for cyber resilience. De Nederlandsche Bank (DNB) is the central bank and financial prudential supervisor of the Netherlands. DNB seeks to safeguard financial stability and enhance the cyber resilience of financial institutions and the financial system as a whole. Raymond has been involved in international working groups hosted by the Bank for International Settlements (BIS), publishing, among others, the CPMI-IOSCO guidance on cyber resilience for financial market infrastructures in June 2016 and the Financial Stability Board Cyber Incident Response and Recovery toolkit published in 2020. At a national level he worked on the initiation and implementation of the Threat Intelligence Based Ethical Red Teaming framework in the Netherlands from 2015 until 2019, when he was seconded to the BIS Financial Stability Institute to publish an FSI Insight on international red team testing frameworks. From 2020 to 2022 Raymond was seconded to the BIS Cyber Resilience Coordination Centre to establish a programme for central banks to perform cyber resilience assessments using a methodology developed by Carnegie Mellon University. This CRA methodology is performed as a self-assessment on a critical business service to help identify areas for improvement, and enables organisations to use the outcomes to benchmark themselves against relevant peers.

David Whyte

Head of cyber resilience coordination centre

BIS

Ali Al-Khaled

Manager of information security department (CISO)

Central Bank of Kuwait

Paul Macpherson

Director of information security (CISO)

Reserve Bank of New Zealand

Paul Macpherson leads the Information Security team for Te Pūtea Matua, with responsibility for managing information and cyber security risks across the organisation.

The Information Security team plays a critical role in ensuring the security and privacy of information entrusted to Te Pūtea Matua as kaitiaki of New Zealand’s financial system.

Paul has over 30 years’ experience in information security administration, consulting and management roles across the public and private sector. Previously he held information security management roles at Westpac NZ and Xero, and spent 10 years with KPMG where he provided information security consulting and audit services to clients globally. He is a Certified Information Systems Security Professional (CISSP) and Certified Cloud Security Professional (CCSP).

Stuart Sperry

Associate director

Federal Reserve Board

Stuart has over 30 years of management and analytical experience in the Federal Reserve System.

  • 1999-present: Staff and management positions in the Federal Reserve System Board of Governors' Division of Reserve Bank Operations and Payment Systems. Functional areas have included Federal Reserve Bank financial management oversight, Federal Reserve Bank HR oversight, financial market infrastructure oversight, and Federal Reserve System IT oversight and policy (current).
  • 1991-1999: Staff and management positions at the Federal Reserve Bank of Kansas City's Oklahoma City Branch. Functional areas included HR, facilities management, procurement, and financial management.

Simon Onyons

Managing director

FTI Consulting

Simon Onyons brings over two decades of information technology and cybersecurity experience, most recently in the area of financial regulation. He currently serves as a senior advisor to the UK National Cyber Security Centre (NCSC), where he works on the NCSC Advisory Group to support the NCSC Industry 100 initiative to improve cyber resilience across UK industry, and will remain in this role while at FTI Consulting.

Prior to FTI Consulting, Mr. Onyons was a Senior Vice President and Head of EMEA Governance, Risk and Compliance within Global Information Security at Bank of America. While at Bank of America, he created and co-led the award-winning Financial Sector Cyber Collaboration Centre (FSCCC) and served as Chair of the Cyber Security Working Group of the Association for Financial Markets in Europe.

Before that, Mr. Onyons worked in cybersecurity at the Financial Conduct Authority (FCA), where he was tasked with defining and implementing the strategy, policy, and structure of the FCA’s cyber supervisory division. Whilst at the FCA, he worked across a range of international working groups and collaboration efforts with global regulators and co-authored best practice cyber resilience guidance for the G7 Cyber Experts Group, the Committee on Payments and Market Infrastructures (CPMI), and the International Organization of Securities Commissions (IOSCO).

Previously, Mr. Onyons worked in business continuity and recovery for a number of IT service providers after beginning his career at IBM.

Constantinos Christoforides

Lead cyber resilience expert

ECB

Constantinos is a Senior Oversight Expert focusing on cyber resilience activities for European FMIs. He is currently a Test Manager for TIBER-EU and is heavily engaged in the further development and evolution of the framework as well as assisting new jurisdictions in adopting and implementing the framework. Constantinos is also involved in the operationalisation and further development of the Cyber Incident and Information Sharing Initiative (CIISI-EU) and in further initiatives to raise the cyber resilience of European FMIs under the Euro Cyber Resilience Board (ECRB). Constantinos also participates in various international cyber groups, including workstreams of the G7 Cyber Expert Group and the CPMI-IOSCO Working Group on Cyber Resilience, as well as World Bank FIGI events, and conducts training for European and International supervisors/overseers on the Eurosystem Cyber Resilience Oversight Expectations. Prior to his Oversight role, he was part of the team monitoring the risks and enhancing the cyber resilience posture of TARGET Services, one of the most critical financial infrastructures in the world. Before joining the ECB in 2017, Constantinos worked at the Central Bank of Cyprus for 6 years, where he was the Bank’s Information Systems Security Officer, leading cyber resilience efforts within the Bank as well as assisting in bank supervision, bank resolution and eDiscovery missions during the financial crisis in Cyprus. Constantinos is a CISSP, CRISC, CISA and CDPSE, and has previously worked at KPMG, Ernst & Young and JCC Payment Systems. He holds a BSc in Mathematics from Warwick University and an MSc in Information Security from the University of Royal Holloway.

Emran Islam

Senior financial sector expert

IMF

Emran joined the IMF in 2020 as a Senior Financial Sector Expert in the Financial Regulation and Supervision Division. In his previous role, Emran was a Senior Oversight Expert at the European Central Bank (ECB) and the lead for developing and operationalising the cyber resilience strategy for the European Union. He was part of the team that developed TIBER-EU and the Cyber Resilience Oversight Expectations, established the Euro Cyber Resilience Board, developed and operationalised the market-wide cyber exercise (UNITAS) and developed the Cyber Incident and Information Sharing Initiative (CIISI-EU). Emran has been involved in various international cyber groups, including the G7 Cyber Expert Group, the CPMI Task Force for endpoint security, the FSB Cyber Lexicon Working Group, the CPMI-IOSCO Cyber Working Group, the ESRB Systemic Cyber Working Group and the World Bank FIGI. Prior to joining the ECB in 2015, Emran worked at the Bank of England for 5 years, where he was an FMI supervisor and led the cyber work for UK FMIs (including the development of CBEST). Emran is a Chartered Accountant and has previously worked at Goldman Sachs, PwC, IBM and in central government. Emran has a BA and MPhil from the University of Oxford.

Sukhvir Notra

Senior information security specialist

Bank for International Settlements

Mr. Sukhvir Notra is a Senior Information Security Specialist at the Bank for International Settlements (BIS). He has been an information security professional for over 10 years, with the majority of his career focused on defensive cyber operations. At the BIS Cyber Resilience Coordination Centre, Sukhvir is responsible for the development and delivery of cyber range exercises, managing cyber resilience assessments of central banks, and other projects aimed at strengthening cyber resilience and promoting collaboration in the central bank community. His primary interests include leadership, operations, information security readiness and risk management. He holds a Bachelor of Electrical Engineering and a Master of Cyber Security from the University of New South Wales.

Alejandro de los Santos

Cyber security director

Bank of Mexico

Brian Gattoni

Assistant Director

Federal Reserve Board

Brian Gattoni is an Assistant Director in the Federal Reserve Board’s division of Reserve Bank Operations and Payment Systems with responsibilities to ensure the cybersecurity and resilience of Federal Reserve System Information Technology supporting Federal Reserve banks and payment systems. Gattoni is building partnerships and processes that ensure cybersecurity and resilience decisions are risk informed, mission focused, and account for the latest developments in threats and technology.

Prior to joining the Board in January of 2023, Gattoni was the Chief Technology Officer for the Cybersecurity and Infrastructure Security Agency (CISA), where he was responsible for the technical vision and strategic alignment of CISA data and mission services to manage cyber and physical risk to federal networks and critical infrastructure. He led a portfolio of research and development efforts in bringing emerging technologies to use in CISA’s mission including Artificial Intelligence, Zero-Trust, Cyber Deception, Digital Twins, Counter Explosives Robotics and Automated Decision Support systems. Gattoni is a Board Member for the National Institute for Standards and Technology Information Security and Privacy Advisory Board.

Gattoni holds a Master of Science in Cyber Systems and Operations with certifications in Cyber Wargaming and Cyber Operations Infrastructure from the Naval Postgraduate School in Monterey, California, and is a Certified Information Systems Security Professional.

Agenda

Cyber Resilience standards and practices

Cyber resilience: course introduction
Course introduction session led by the chair

14:00 - 14:15

  • Introductions and welcome from the chairperson
  • Overview of the training course programme and speakers
  • Discussion of participant expectations and areas of particular interest.
Raymond Kleijmeer

Senior officer

Central Bank of the Netherlands

Cyber resilience and innovations

14:15 - 15:15

  • Risk management issues and challenges
  • Update on recent initiatives and information-sharing structures.

David Whyte

Head of cyber resilience coordination centre

BIS

Cyber risks and the top challenges for the CISO

15:15 - 16:15

  • Exploring various threats, like malware and data breaches, and their potential impact on organizations
  • CISO challenges: Resource constraints, skill shortages, aligning cybersecurity with business goals, and managing third-party risks
  • Effective risk mitigation: Proactive strategies including risk assessments, security controls, employee training, and technology solutions for enhanced cybersecurity.
Ali Al-Khaled

Manager of information security department (CISO)

Central Bank of Kuwait

Strategies for capacity building

16:15 - 17:00

  • Key issues for the larger international community of central banks.
Emran Islam

Senior financial sector expert

IMF

Threat intelligence and red team testing vulnerability management

Vulnerability management and third-party risks

14:00 - 15:00

  • Walk through a case study of how the Reserve Bank of New Zealand has strengthened its vulnerability management capabilities
  • Understand the challenges and lessons learned on this journey and how they could be applied to your own technology estate
  • Hear how RBNZ brought OT and IoT devices into scope of its vulnerability management programme
  • Discussion: third-party supply chain vulnerability risks.

Paul Macpherson

Director of information security (CISO)

Reserve Bank of New Zealand

15:00 - 16:00

Digital operational resilience in Europe

14:45 - 15:30

  • Digital operational resilience and its significance in ensuring the uninterrupted functioning of critical financial infrastructure and services in Europe
  • Exploring the regulatory framework and guidelines related to digital operational resilience in Europe, including the EU Digital Operational Resilience Act (DORA) and other relevant regulations and standards
  • What are the key components of digital operational resilience? 
Simon Onyons

Managing director

FTI Consulting

TIBER framework Eurosystem

16:00 - 17:00

  • Understanding the TIBER (Threat Intelligence-Based Ethical Red Teaming) framework developed by the Eurosystem to assess and enhance the resilience of financial institutions against cyber threats.
  • What are the testing processes involved in TIBER assessments, including scoping, intelligence gathering, red teaming exercises, and reporting.
  • Exploring the benefits of implementing the TIBER framework, such as identifying vulnerabilities, improving incident response capabilities, enhancing cyber risk management, and strengthening the overall cybersecurity posture of financial institutions.
Constantinos Christoforides

Lead cyber resilience expert

ECB

Eco-system resilience and incident management

Eco-system resilience

14:00 - 14:45

  • Insights into the concept of eco-system resilience: the ability of interconnected organizations and entities to withstand and recover from cyber risks collectively.
  • Exploring the interdependencies within an eco-system and the importance of conducting comprehensive risk assessments to identify vulnerabilities, potential impact, and critical dependencies.
  • Effective strategies and best practices for strengthening eco-system resilience, such as fostering information sharing and collaboration, implementing robust incident response plans, conducting regular audits and assessments, and establishing contingency plans for potential disruptions.
Stuart Sperry

Associate director

Federal Reserve Board

Brian Gattoni

Assistant Director

Federal Reserve Board

14:45 - 15:30

Advances in AI and their implications for cyber security: a hands-on look at offensive and defensive cyber operations using AI

15:00 - 16:00

  • Overview of various AI technologies in the market today
  • Breakdown of AI models and their capabilities
  • Demo – Offensive cyber operations using ChatGPT
  • Demo – Defensive cyber operations using ChatGPT
  • Risks and future outlook
  • Conclusion

Sukhvir Notra

Senior information security specialist

Bank for International Settlements

Cyber incidents in the eco-system

15:30 - 16:15

  • Experiences with cyber incidents in the eco-system and how to use incident response and recovery playbooks to improve resilience capabilities
  • Training skills and communication, incident response and BCM 
Alejandro de los Santos

Cyber security director

Bank of Mexico

Cyber resilience: interactive discussion and closing remarks 
Interactive session led by the chair

16:15 - 17:00

  • Summary of the course
  • Discussion of the observed key challenges and approaches to improve cyber resilience
  • Group discussion: what learning points can you apply in your organisation?
  • Preparation of action points.

Raymond Kleijmeer

Senior officer

Central Bank of the Netherlands

Two weeks prior to the training course you will be given access to the course materials: a combination of articles, reports and presentations that make up around two hours of preparation time for the live content. Presentations for the sessions will also be made available here, subject to speaker approval.

Learning Outcomes

At the conclusion of the training, participants will be able to:

  • Understand how to effectively manage cyber resilience and strengthen resilience capabilities
  • Understand the different types of cyber threats facing central banks
  • Learn how to organise and implement a red team testing framework, and learn about red team tests in practice
  • Gain insights into vulnerability management, incident management and third-party risk management
  • Explore how to build critical infrastructure resilience and proactive measures to mitigate cyber risks in the eco-system and ensure financial stability