Cyber Security in Banking
INVESTMENT
DURATION
START DATES
DELIVERY MODE
ASSESSMENT
COURSE OVERVIEW
This comprehensive course explores the pivotal realm of cybersecurity within the banking sector. As financial institutions increasingly shift to digital platforms, the importance of robust cybersecurity measures becomes paramount. Participants will journey through the diverse IT ecosystems of banks, exploring the everevolving threat landscape. Through a combination of theoretical lessons, realworld case studies, and practical labs, students will grasp how to buil
COURSE OBJECTIVE
TARGET AUDIENCE
Bank IT Professionals • Application Developers and Engineers • Cyber Security Specialists • Banking Executives and decision makers • Compliance and legal professionals • Frontline Banking Employees
WHAT YOU WILL STUDY
introduction to Cybersecurity in Banking • Importance of cybersecurity in the financial sector • Historical cyber-attacks in banking and lessons learned. • Regulatory landscape (e.g., GDPR, CCPA, PSD2) Understanding the Banking IT Ecosystem • Core banking systems and their architectures • Digital banking platforms: Web, Mobile, and APIs • Third-party integrations and partner ecosystems • Emerging technologies: Blockchain, AI, IoT Threat Landscape for Banking • Types of threats: Phishing, ransomware, DDoS, insider threats • Advanced Persistent Threats (APTs) • Cybercrime and organized crime syndicates • Nation-state threats Security Policies and Governance • Developing security policies and procedures • Incident response planning and management • Risk assessment and management • Security awareness and training Securing Banking Infrastructure • Network security: Firewalls, IDS/IPS, Network segmentation • Endpoint security: Anti-malware, EDR, Mobile Device Management • Cloud security considerations for banking • Secure configurations and patch management
LEARNING OUTCOMES
Articulate the significance of cybersecurity in the banking context, referencing past incidents and regulatory landscapes. • Distinguish between different components of the banking IT ecosystem, including core banking systems, digital platforms, and emerging technologies. • Identify and analyse varied threats faced by banks, evaluating their origins, impacts, and mitigation strategies. • Formulate robust security policies tailored to banking needs and ensure governance structures that promote swift incident responses. • Implement security measures across different layers, from network and infrastructure to applications and data. • Optimize Identity and Access Management (IAM) for banking operations, ensuring only authenticated and authorized access. • Adopt and adapt to evolving data protection and privacy protocols, staying abreast with global standards and regulations. • Evaluate banking systems for vulnerabilities and threats through testing, audits, and real-world simulation exercises. • Predict and prepare for future challenges in banking cybersecurity, leveraging insights on emerging technologies and threats. • Apply acquired knowledge in real-world settings, preventing cyber threats and responding efficiently if breaches occur. LEARNING OUTCOMES AND BENEFITS IApplication Security • Secure software development life cycle (SDLC) • Application penetration testing and code reviews • API security • Third-party software and open-source components Identity and Access Management (IAM) • User authentication and authorization mechanisms • Multi-factor authentication (MFA) • Role-based access control (RBAC) • Privileged access management (PAM) Data Protection and Privacy • Data classification and handling • Encryption standards and best practices • Data masking and tokenization • Data breach response and notifications Fraud Detection and Prevention • Behavioral analytics and heuristics • Real-time monitoring and alerts • Integrating AI and machine learning for fraud prevention Security Testing and Auditing • Vulnerability assessments • Penetration testing • Red teaming and blue teaming exercises • Compliance audits: PCI-DSS, ISO 27001, etc.
