IT Governance and Risk Consulting Ltd (ITGRC), a pioneering information security and training company has announced a cybersecurity risk management workshop on November 15 for the first time in Sri Lanka.
This workshop will be held at Hotel Renuka, Kollupitiya and it focuses on risk professionals in banking and financial service sector institutions (BFSIs), which are the primary target of cybercriminals.
ITGRC Director and CEO Thilak Pathirage stated, “This cybersecurity risk management workshop is timely planned for the benefits of risk professionals enabling them to learn and share the essential knowledge of cybersecurity risk management strategies and framework best practices such as NIST, FFIEC, COBIT5 and ISO27001. In the midst of several approaches available in developing and implementing cybersecurity risk management strategies, the participants will learn how to integrate their efforts in developing cybersecurity risk management programme within the scope of integrated risk management frameworks in banks.
“This will be a novel learning experience for the risk professionals those who are responsible for managing cybersecurity risk for which every bank is exposed either big or small. The board is responsible to adapt proactive risk management programmes in all the banks and financial organisations and their fiduciary responsibility is crucial when it comes to cybersecurity risks. No organisation can adopt ‘black sown’ approach as the next immediate target would be your bank, which will cost not only tremendous recovery efforts but also huge reputational risk and legal ramifications resulting loss of customers. The unique value of this workshop is the practical approach adapted in planning and implementing cybersecurity risk management programmes at the enterprise level instead of creating panic and fear in the mindset of the audience. They will also learn the recent development of cyber laws and regulations in the country, which will be helpful in understanding the legal safeguards available in managing cyber risk.”
He further stated, “Cybersecurity is not information security and there can be only two types of enterprises in this world, either ones that have been hacked already or that will be hacked in near future. These challengers demand corporate leaders to rethink of cybersecurity risk seriously and adapt proactive approach in developing risk base cybersecurity risk management programmes and road maps.”
The workshop is timely planned after experiencing two major bank heists in neighbouring countries – Bangladesh and Taiwan, which gave an alarm for the Sri Lankan BFSI sector to be prepared. The workshop will be addressed by key cybersecurity industry leaders including Digital Law Specialist Jayantha Fernando, UCSC Lecturer and Senior Cybersecurity Consultant Dr. Kasun De Zoysa, CERT Sri Lanka Principal Information Security Engineer Roshan Chandraguptha, ITGRC Ltd Director and CEO and Senior Information and Cybersecurity Consultant Thilak Pathirage and cybersecurity specialist Damith Pathirage.