Financial Cybersecurity Risk Management ― Leadership Perspectives and Guidance for Systems and Institutions

Financial cybersecurity is a complex, systemic risk challenge that includes technological and operational elements. The interconnectedness of financial systems and markets creates dynamic, high-risk environments where organizational security is greatly impacted by the level of security effectiveness of partners, counterparties, and other external organizations. The result is a high-risk environment with a growing need for cooperation between enterprises that are otherwise direct competitors. There is a new normal of continuous attack pressures that produce unprecedented enterprise threats that must be met with an array of countermeasures.

Financial Cybersecurity Risk Management explores a range of cybersecurity topics impacting financial enterprises. This includes the threat and vulnerability landscape confronting the financial sector, risk assessment practices and methodologies, and cybersecurity data analytics. Governance perspectives, including executive and board considerations, are analyzed as are the appropriate control measures and executive risk reporting.

What You’ll Learn

Paul Rohmeyer has extensive industry and academic experience in many areas, including: information systems management, IT audit, information security, business continuity planning, and vendor management. He is a faculty member at the School of Business at Stevens Institute of Technology and has presented and published on information security, decision making, and business continuation. He has provided senior-level guidance to numerous financial institutions in the areas of risk management, information assurance, and network security over the past two decades.

Prior to his consulting career, Paul served as Director of IT for AXA Financial and Director of IT Architecture Planning for SAIC/Bellcore. He has MS and PhD degrees in information management from Stevens Institute of Technology, an MBA in finance from St. Joseph’s University, and a BA in economics from Rutgers University. He has achieved the CGEIT (Certified in the Governance of Enterprise IT), PMP (Project Management Professional), and NSA-IAM (US National Security Agency Information Assurance Methodology) credentials.

Jennifer L. Bayuk is a cybersecurity due diligence expert, cybersecurity risk management consultant, and an adjunct professor at Stevens Institute of Technology. She has served in many roles, including: global financial services technology risk management officer, Wall Street chief information security officer, Big 4 information risk management consultant, manager of information technology internal audit, security architect, Bell Labs security software engineer, professor of systems security engineering, private cybersecurity investigator, and expert witness.

Jennifer has written numerous publications on information security management, information technology risk management, information security tools and techniques, cybersecurity forensics, technology-related privacy issues, audit of physical and information systems, security awareness education, and systems security metrics. She has master degrees in computer science and philosophy, and a PhD in systems engineering. Her certifications include CISSP, CISA, CISM, CGEIT, and a New Jersey state private investigator license.