Qualified Cybersecurity Professional in Finance

Welcome to the forefront of safeguarding the financial world in the digital age!

Our programme “Qualified Cybersecurity Professional in Finance” is your gateway to mastering the intricate and critical domain where finance and technology intersect. In an era where financial institutions are prime targets for cyber threats, this specialized training is designed to empower professionals with the skills necessary to protect and secure the financial landscape.

In this unique collaboration, House of Training, ABBL, Febelfin Academy partners with Solvay Lifelong Learning, to deliver a programme tailored to the specific challenges and intricacies of cybersecurity in finance. The course brings together the regulatory insights and industry-specific expertise of ABBL/Febelfin Academy with Solvay's cutting-edge academic approach, ensuring participants gain a comprehensive understanding of cybersecurity in the financial domain.

The objectives of the course are to:

• provide participants with the essential skills and knowledge required to navigate the complex landscape of cybersecurity within the financial sector
  

• tackle specific challenges faced by financial institutions, focusing on risk management, compliance strategies, and the protection of sensitive financial data
  

• foster an understanding of regulatory frameworks governing cybersecurity in finance, ensuring participants can align security measures with industry standards
  

• empower participants to analyse and respond to emerging cyber threats, incorporating threat intelligence into their cybersecurity strategies
  

• cultivate leaders in the field by fostering a strategic understanding of cybersecurity, enabling participants to proactively safeguard financial systems and contribute to the industry's resilience
  

This education programme is directed by Professor Georges Ataya, Academic Director at Solvay Lifelong Learning. He is the co-founder and Vice-Chair of the Belgian Cybersecurity Coalition, past Vice President of the ISACA Research Foundation, and co-author of the Certificate in Cybersecurity Management.

Georges will be accompanied by Steve Purser, the former Operations Director at ENISA (The European Agency for Cybersecurity). He is now an Independent Cybersecurity Consultant with industry and public policy experience, specializing in Chief Information Security Officer (CISO) services, strategy, governance, EU regulatory compliance, and implementation.

Guest speakers: 

• Atefeh Maleki, Head of Information Security Department, Nomura Bank Luxembourg S.A.

• Antoine Meyers - CISO - BGL BNP Paribas

• Lars WEBER, Vice President & Head of Business Unit, Non-Financial Risk Management, Information Security Officer, BCEE
  

• Nicolas Bomont - IT Infrastructure Manager - Victor Buck Services
  IT Infrastructure Manager at Victor buck Services , Luxembourg's leading business document management company, since January 2021, member of Cybersecurity Advisory Network. Working in IT infrastructure, datacentres and Cybersecurity for years with broad experience in managing IT Infrastructure in Luxembourg since 2006. I put innovation and security to work for businesses and like transforming legal constraints into growth opportunities.
  

Curriculum: The body of knowledge is aligned with the Executive Master in Cybersecurity management lectured at Solvay Lifelong Learning (solvay.edu/cybersecurity). It is based on material compiled by Professor Georges Ataya, as well as on general publications related to cybersecurity. The education is structured into four modules.

Module 1: Introduction to Cybersecurity Fundamentals (duration 1 day 6h classroom)

Lecturers: Pr. Georges ATAYA & Steve Purser

Guest speakers: Atefeh Maleki, Head of Information Security Department, Nomura Bank Luxembourg S.A.

Objective: This module aims to equip participants with a comprehensive understanding of cybersecurity principles, covering fundamentals, governance, risk, and compliance. It focuses on confidentiality, integrity, and authentication processes, emphasizing the protection of sensitive information and adherence to predefined policies. The curriculum includes in-depth risk management practices, guiding participants in identifying and mitigating cybersecurity risks effectively. Additionally, it addresses compliance and legislation, stressing the importance of adhering to industry standards. By the module's conclusion, participants will have a solid foundation to explore and specialize in cybersecurity confidently.

Module 2: Cybersecurity Battleground: Threats, Vulnerabilities and Technologies (duration 1 day 6h classroom)

Lecturers: Pr. Georges ATAYA & Steve Purser

Guest speakers:  Antoine Meyers - CISO - BGL BNP Paribas

Objective: In this module we will comprehensively address cybersecurity management by integrating key capacities such as Identification, Protection, Detection, Response, and Recovery techniques. The curriculum presents current threats, vulnerabilities, security controls, and technologies, offering insights into the threat landscape. It emphasizes the connection between cybersecurity and information security practices, aligning frameworks with business needs and risks. The course delves into existing frameworks, risk analysis, management buy-in, solution search, alignment with risk appetite, implementation, and follow-up. Decision-making tools for adverse conditions and seemingly hostile environments are provided to participants. Additionally, a specific financial sector workshop is included, focusing on the identification of threats and vulnerabilities related to business functions, risk practices, and the determination of a robust mitigation model.

Module 3: Incident Response by security controls and operations  (duration 1 day 6h classroom)

Lecturers: Pr. Georges ATAYA & Steve Purser

Guest speakers: Nicolas Bomont - IT Infrastructure Manager - Victor Buck Services

Objective: This module covers context analysis, scope definition, threat modelling, security controls, and solution space identification. Emphasizing a holistic approach, it explores trade-offs from technological, human, and procedural perspectives. The significance of kill-chain analysis in threat modelling is highlighted for focus, cohesion, and business case development. Operational planning tools and frameworks introduce defence theory, mental models for understanding adversaries, telemetry, attack detection, incident response, crisis communication, and continuous improvement assessment tools. In summary, the module provides a comprehensive guide to navigating security controls and incident response in operations.

Module 4 : Cybersecurity -Governance Management -Leadership (duration 1 day 6h classroom)

Lecturers: Pr. Georges ATAYA & Steve Purser

Guest speakers: Lars WEBER, Vice President & Head of Business Unit, Non-Financial Risk Management, Information Security Officer, BCEE

Objective: During this course, we will provide you with a thorough understanding of cybersecurity management, focusing on roles and responsibilities in crafting and executing a robust strategy. It emphasizes aligning strategic components with organizational goals and adapting to evolving threats, covering vital areas like supply chain considerations, the three lines of defence, and the seven components of maturity. The module explores effective governance practices, including frameworks and policies, fostering a well-structured and accountable governance framework. Communication is highlighted as crucial for successful cybersecurity governance, empowering participants to convey policies, incidents, and strategies to diverse stakeholders, promoting cybersecurity awareness. Ultimately, participants gain the knowledge and skills needed to develop a comprehensive cybersecurity strategy, implement effective governance, and enhance communication within their organizations.

The training course accommodates a diverse range of participants, catering to specific needs and roles within various industries.

The course can be followed by various target groups:

• Finance professionals: already engaged in the finance sector, including financial analysts, managers, and executives, seeking to enhance their understanding of cybersecurity specific to financial environments
  

• Process & Business analysts
  

• Business managers in insurance companies or financial institutions
  

• Product managers
  

• Risk Managers
  

• Compliance Officers
  

• FinTech

We kindly ask you to study the pre-course material (available on your profile MYFA) before the start of the trajectory – some of them are a must-read, others are optional to read. They have been carefully selected to introduce the class workshops and to support in-depth discussions with fellow participants.

Preparation: We kindly ask you to study the pre-course material (available on your profile MYFA) before the start of the trajectory – some of them are a must-read, others are optional to read. They have been carefully selected to introduce the class workshops and to support in-depth discussions with fellow participants.
Qualification and examination information: The programme leads to the certification “Qualified Cybersecurity Professional in Finance” at the conclusion of the full programme and after successfully completing the corresponding tests.

The tests for module 1 & 3 at the end of the course consist of multiple-choice questions (no disc correction). These tests are made remotely at your (work)place.  One must complete the online-tests within a month of taking the training. You have 2 attempts to pass these tests.  
The tests for modules 2 & 4 consist of group assignments and are administered in class during the scheduled sessions. These cannot be retaken.
For a satisfactory result, you must obtain at least 60% for each module. If you pass, you will receive the certificate proving that you have passed the tests and that you have the required technical knowledge.

You follow a ‘Classroom training’ in a group. You, the other participants and the teacher are all present in the same classroom at an agreed time. There is an opportunity for interaction and feedback, both from the participants to the teacher and vice versa. The teaching material consists as a basis of a presentation via the MyFA learning platform, supplemented with various other items (such as digital syllabus, presentation, audiovisual fragments, etc.).

The knowledge acquired in the seminar will be validated through an examination. The examination is based on a MCQ questionnaire of around 30 questions.

The required passing rate is 60%.

At the end of the training, a certificate of attendance will be available on your learner's account or obtained upon request through our customer service.

Candidates who successfully complete the examination will receive the following certificate of completion co-signed by the ABBL, Febelfin Academy, Solvay Lifelong Learning and House of Training: "Qualified Cybersecurity Professional in Finance"