Cyber Risk and Resilience for Critical FMI

Banking, Insurance and Financial Services November 30, 2025
Enquire About This Course

Introduction

Cyber-attacks represent one of the most severe threats to financial stability, with critical Financial Market Infrastructures (FMIs)—including payment systems and clearing houses—being prime targets. A successful attack could disrupt settlement, compromise data, or cause a systemic liquidity crisis. This course provides a comprehensive and advanced examination of the evolving **Cyber Risk** landscape and the implementation of robust **Cyber Resilience** frameworks for FMIs. It goes beyond basic IT security to focus on threat intelligence, response protocols for extreme cyber incidents, the role of international standards (e.g., FSB, CPMI), and the crucial coordination between the central bank, FMI operators, and system participants to ensure the integrity and continuity of critical services under duress. Participants will develop the knowledge to lead cyber stress testing and ensure defense-in-depth strategies are effective.

Objectives

Upon completion of this course, participants will be able to:

  • Analyze the evolving **Cyber Threat Landscape** specific to critical Financial Market Infrastructures (FMIs) (e.g., SWIFT, RTGS).
  • Apply the principles of **Cyber Resilience** and Defense-in-Depth strategies to FMI architecture.
  • Develop and execute system-wide **Cyber Stress Testing** and "war game" scenarios (e.g., a data integrity attack).
  • Formulate a detailed **Incident Response Plan** for high-impact cyber events, focusing on containment and recovery.
  • Understand the international regulatory expectations and frameworks for FMI cyber resilience (e.g., FSB, CPMI, G7).
  • Design a robust **Threat Intelligence** and Information Sharing framework with system participants and national authorities.
  • Evaluate the risks associated with third-party vendors and the FMI **supply chain** in a cyber context.
  • Establish a robust governance and oversight framework for continuous cyber risk monitoring and reporting.

Target Audience

  • Chief Information Security Officers (CISOs) and Heads of IT Security.
  • Operational Risk and Cyber Resilience Managers.
  • FMI Oversight and Policy Specialists.
  • Heads of Payments Systems Operations and Technology.
  • Internal Auditors focused on Technology and Cyber Risk.
  • Senior Management involved in Crisis Management and Business Continuity Planning (BCP).

Methodology

  • Cyber Stress Test and Incident Response Simulation Exercises (War Games)
  • Group Activities on Drafting a Cyber Incident Communication Protocol for an FMI
  • Case Studies on Major Cyber Attacks and Post-Incident Remediation
  • Expert Lectures on Threat Intelligence Analysis and TIBER Frameworks
  • Workshops on Designing a Third-Party Cyber Risk Management Due Diligence Checklist
  • Individual Assignments on Mapping Critical FMI Assets to Cyber Security Controls

Personal Impact

  • Acquisition of highly specialized, cutting-edge knowledge in FMI-specific cyber risk and resilience.
  • Enhanced ability to lead and execute complex, high-stakes cyber incident response and recovery.
  • Improved strategic understanding of the intersection of cyber risk, financial stability, and operational resilience.
  • Development of specialized skills in threat intelligence, stress testing, and supply chain risk management.
  • Increased professional credibility as a key leader in the organization's defense posture.
  • Better decision-making on critical IT security investments and vendor selection.

Organizational Impact

  • Significant strengthening of the organization's **cyber resilience** and ability to withstand severe attacks.
  • Mitigation of systemic risk and potential financial losses due to catastrophic cyber incidents.
  • Compliance with the highest national and international standards for FMI cyber security (FSB, CPMI).
  • Enhanced speed and effectiveness of incident response, minimizing downtime and disruption.
  • Improved governance, oversight, and a pervasive culture of cyber vigilance across the organization.
  • Better protection of sensitive data and preservation of public trust in the financial system.

Course Outline

Unit 1: The FMI Cyber Threat Landscape

Attacks and Vulnerabilities:
  • Analysis of major cyber-attack vectors targeting FMIs (e.g., ransomware, supply chain compromise, data integrity attacks).
  • The unique threat profile of payment systems (RTGS, SWIFT) and central counterparties (CCPs).
  • The concept of "blended" attacks combining cyber and operational failures.
  • Identifying critical information assets and **Crown Jewels** requiring the highest level of protection.
  • Case studies of high-profile cyber incidents affecting the financial sector.

Unit 2: Cyber Resilience and International Standards

Frameworks and Compliance:
  • Differentiating between IT Security, Cyber Security, and **Cyber Resilience**.
  • Applying the FSB and CPMI-IOSCO frameworks for FMI cyber risk management and recovery.
  • Developing a **Defense-in-Depth** strategy tailored to FMI requirements (e.g., network segmentation, least privilege).
  • Implementation of robust cryptographic controls and key management (including PQC considerations).
  • The concept of **systemic cyber risk** and its contagion channels.

Unit 3: Incident Response and Recovery Protocols

Crisis Execution:
  • Designing a formal **Cyber Incident Response Plan (CIRP)** with defined roles and escalation matrices.
  • Protocols for rapid containment, triage, and eradication of an active threat.
  • Data integrity and recovery strategies (e.g., immutable backups, clean-room restoration).
  • Protocols for communicating an incident internally, to regulators, and to system participants.
  • Legal and forensic requirements for post-incident analysis and reporting.

Unit 4: Cyber Stress Testing and Third-Party Risk

Validation and Ecosystem:
  • Developing and executing realistic **Cyber Stress Testing** scenarios (e.g., penetration testing, red-teaming).
  • The concept of **TIBER** (Threat Intelligence-Based Ethical Red-teaming) and its application to FMIs.
  • Managing cyber risk inherent in the FMI **supply chain** and critical third-party vendors.
  • Establishing a framework for mandatory security testing and validation of vendor-provided services.
  • Cross-sector and cross-jurisdictional coordination for system-wide resilience testing.

Unit 5: Governance and Continuous Oversight

Embedding Security:
  • The role of the Board and senior management in setting cyber risk appetite and strategy.
  • Integrating cyber risk into the overall Operational Resilience and BCP frameworks.
  • Establishing a continuous **Threat Intelligence** sharing mechanism with national and international partners.
  • Compliance and regulatory reporting requirements for FMI cyber incidents.
  • Staff training, security awareness programs, and embedding a pervasive culture of cyber vigilance.

Ready to Learn More?

Have questions about this course? Get in touch with our training consultants.

Submit Your Enquiry