IT Security & Risk Management Programme in Cybersecurity

ATTF / House of Training

Banks and other financial institutions face major cyber threats. Whatever their size, they are extremely attractive targets. They must invest in technical and organisational means to protect their business and clients. Banks need also to develop broader strategies to engage with governments, other banks, their clients and the public.

Activity website:

Add Event to Calendar: vCal | iCal

Time & Place

14 Oct 2019 09:00 to 18 Oct 2019 18:00
7 Rue Alcide de Gasperi 1923 Luxembourg Luxembourg

Target Audience

Risk, security and compliance managers


This will be even truer as Fintech develops and more complicated digital systems increase inter-connectivity, and therefore vulnerabilities. The only efficient way to address this issue is to adopt proper Security Risk Management practices to ensure the right investments are made.

A major objective of this session is to make the link between Cyber and Risk Management to guide banks to face Cyber Threats.

By the end of this week you will be able to:

Identify how Cybersecurity fits in the governance of your institution;
Make the right decisions on how to address the cybersecurity risks;
Know where to focus investment into security (have the information needed to decide where to invest resources and where to get started);
Know how to get started with risk management
Know how to set up security and defense controls
Know how to respond to security incidents
Know how to react under attack and
Be prepared for the worst.

During this week, you will also be challenged to try to answer to the following questions:

What is the purpose of Cybersecurity?
Why is it important?
How to manage security?

Target Group

Executive levels, directors and managers of IT and information security, risk and compliance directors, managers of audit functions of financial institutions, central banks or supervisory bodies a partner country.

Day 1: IT Security & Refresh

Setting the scene & introduction
Practical examples
Basics 1-0-1
Overview of the Cybersecurity ecosystem in Luxembourg
Governance, regulation, legal aspects
IT–security vs. risk management

DAY 2: Cyber defence strategy based on a risk management approach, in line with the risk appetite of the Board - learning by doing

Cybersecurity challenge
What are the asset to be protected
Information Security Governance
Information Security Risk Management
Workshop on specific risk scenario
Optimised Risk Analysis Method & Platform
Introduction to the MONARC Tool – method for the optimization of risk analysis CASES (Cyberworld Awareness and Security Enhancement Services)

DAY 3: Cyber-attack simulation exercise including discussion with members of CIRL

Cyber-attack simulation game - ROOM 42 (SMILE) & Discussion with members of CIRL - Computer Incident Response Center &
Visit to the Luxembourg House of FinTech (LHOFT) -

DAY 4: State of the art and best practice workshops

IT audit and Governance
AI Risk/Control
Cloud for banks? What to do and how? By the CSSF (Commission de Surveillance du Secteur Financier) - Supervisory Authority of the Luxembourg Financial Sector
Initiating the journey into the Cloud - Cloud case study by a major insurance company
Social Event « Cyber Challenges 2020 » organised by a Luxemburgish IT services company in the framework of the Cyberweek.

DAY 5: Application of the knowledge acquired

Workshop in the framework of Cybersecurity4success, by the ABBL – The Luxembourg Bankers’ Association

We use cookies on our website to support technical features that enhance your user experience.
We also use analytics. To opt-out from analytics, click for more information.

I've read it More information