The impact of cybercrime and how it threatens the financial services industry
This Cybercrime and Financial Services course can be presented in-house via live webinar.
Cybercrime and Financial Services Course Objectives:
- Understand the impact of cybercrime and how it threatens the financial services industry
- Master the key laws regarding computer misuse and fraud as well as the impact of the USA PATRIOT Act
- Be aware of how IT, physical and socially engineered methods are used to commit or facilitate cybercrime
- Gain a familiarity with the major fraud typologies used by cyber criminals
- Get to grips with the key security methods used to prevent cybercrime and learn what you can do to ensure that they are effective
Background of trainer:
The trainer has been a specialist trainer for over 20 years whilst at the same time working as Head of Financial Crime Prevention for both national and multinational firms as well as in broader compliance roles. His primary specialism is financial crime prevention, where he works as an author, trainer and subject matter expert, including for international accreditation bodies.
He has a graduate diploma in anti-money laundering and is a member of the International Compliance Association. He is also experienced in working with retail banks, investment banks, asset managers, insurers, IFAs and insurance brokers in both retail and wholesale environments, dealing at all levels including with board executives and audit committees.
Cybercrime and Financial Services Course Content:
- The annual cost of cybercrime
- What is cybercrime / cyber-attack?
- Denial of service
- Device theft
- Malicious code
- Malicious insiders
- Phishing, vishing and social engineering
- Privilege escalation
- Web-based attacks
- Zero day vulnerabilities
- Costs and impacts
- Consumer impacts
- Impacts on firms
- Effects on the financial services industry as a whole
- Costs to industry
- Regulatory impacts
Mini case study: A right royal hack
The legal framework
- Computer Misuse Act
- Section 1 offences (as amended)
- Jurisdiction issues
- Fraud Act 2006
- Section 2, 3 and 4 offences
- Secondary offences
- USA PATRIOT Act
- Potential related offences
- Market Abuse
- Money Laundering
- Terrorist Finances
Case study and team exercise
- The theft of an identity:
- The team will place themselves in the role of identity fraudster and plan to create a fake identity for use for online fraud.
- What method will the team use to create this identity and to avoid detection?
- Organised crime
- Opportunistic crime
- Internal risks
- Fraud typologies
- The Levy report
- Emerging typologies
- Scam risks
- Accomplice / illicit behaviour scams
- Bogus products and services
- Business targeted scams
- Gambling scams
- Identity Frauds
- Investment frauds
- Money making scams
- Technological scams
- Cyber risks
- Cyber attacks
- Cyber extortion
- Behavioural controls
- Social Media Safety
- Email Compliance
- Hardware and Software Safety
- Password security
- USB Security
- Remote Working Compliance
- Safe Surfing
- Behavioural economics
- Heuristic learning
Mini case study: Your comedy character name
- IT Countermeasures
- Physical perimeter
- Data perimeter
- IT perimeter
Mitigation and prevention
- Data journey
- Risk analysis
- Risk touch points
- Management information
- The role of identity confirmation
- DPA process
- The role of due diligence
- The role of training
- Reporting requirements
- New European requirements
Learning and future mitigation
- Root cause analysis
- Governance structures
- 3 lines of defence
- Monitoring and assurance
Case study and team exercise
- There has been a significant data breach at your firm; discuss with the team what steps you would take to determine:
- What has occurred?
- What offences have been committed?
- What controls have been breached?
- What further investigations should be considered?
- To whom you may need to report the breach?
- Learning summary
- Further learning opportunities
- Summary of case studies
Cybercrime and Financial Services Course Summary:
The Office for National Statistics has said that cybercrimes committed in England and Wales have reached nearly 6 million per year. Reported cybercrimes vary from the sale of narcotics to individuals through the post to attacks between nations on defence, national infrastructure and political targets.
Motives include fraud, long-term identity theft, as well as commercial and political espionage. The financial services industry forms part of the core commercial infrastructure of the UK and remains a target for criminally, commercially and politically motivated attacks.
Depending on the nature of their cyber risks, most regulated firms will already have provision in place for the prevention and investigation of cybercrime. However, the methods deployed against firms are constantly evolving.
This course provides an overview of the motives and methods driving the continuing increase in cybercrime and the tactics deployed by firms to frustrate them. It is not a specific course on IT countermeasures, but rather the internal controls firms need to effectively manage cyber risk.
Further Cyber Crime and Financial Crime Study
All courses at Redcliffe Training can be taken with a number of additional courses to increase understanding in any given area. Below are courses within financial crime and compliance which may be of interest.
Training Course Details
|Financial Crime Compliance, FCC, Risk Assessment, AML|
|AML (anti-money laundering), Financial crime compliance, risk implications and sanctions|
|Financial crime compliance, FCC, trade finance, risk assessment|
|Be introduced to why blockchain is so important and how blockchain is used|
|Trade Finance Masterclass||FCC risks, mitigating risks in trade finance,|