1st Edition

Cyber Resilience in Banking: A Practical Guide to Governance, Risk, and Compliance

By Richard Gwashy Young, PhD
Copyright 2026
216 Pages 5 B/W Illustrations
by Productivity Press


In today’s rapidly evolving digital landscape, banks are not only financial institutions but also technology-driven enterprises. As banking operations migrate to digital platforms, cyber threats targeting financial institutions have become more sophisticated and relentless. The consequences of cyberattacks—ranging from financial loss to reputational damage—can be catastrophic, making...

Chapter 1: Building Cyber Resilience in Banking: Strategies for Managing Technology and Cybersecurity Risks

·       Overview of the banking threat landscape

·       Cybersecurity frameworks (e.g., NIST, ISO 27001, FFIEC)

·       Risk assessment methodologies

·       Incident response and disaster recovery strategies

·       Operational resilience planning

Chapter 2: Cybersecurity Governance for Banks: Bridging the Gap Between Boardrooms and Security Operations

·       Role of the Board and C-Suite in cybersecurity governance

·       Building a cybersecurity risk management framework

·       Cyber risk reporting metrics and KRIs for financial institutions

·       Integrating cybersecurity into enterprise risk management (ERM)

·       Regulatory expectations for bank executives (e.g., FFIEC, OCC, Basel III)

Chapter 3: Technology Risk Management in Banking: A Practical Guide to Mitigating Operational and Cyber Risks

·       Identifying and assessing technology risks in banks

·       Third-party and vendor risk management (TPRM)

·       Managing risks in digital banking platforms (mobile, cloud, blockchain)

·       Technology control frameworks (e.g., COBIT, ITIL)

·       Managing IT obsolescence and technical debt

Chapter 4: AI-Driven Cybersecurity in Banking: Leveraging Technology for Proactive Threat Management

·       Using AI and ML for fraud detection and prevention

·       Behavioral analytics for transaction monitoring

·       AI-powered SOCs and automated threat hunting

·       Ethical concerns with AI in banking security

·       Case studies on AI implementation in financial services

Chapter 5: Cybersecurity Regulations and Compliance for Banks: Navigating Global Standards and Best Practices

·       Key regulatory frameworks (e.g., GDPR, DORA, PCI DSS, GLBA, SOX)

·       Meeting the requirements of U.S. regulators (FFIEC, OCC, SEC, FDIC)

·       Implementing data privacy controls in banking operations

·       Achieving and maintaining SOC 2 and ISO 27001 certifications

·       Addressing cross-border data transfer issues

Biography

Richard Young is a seasoned technology executive and academic leader with a distinguished career in the financial services industry. Based in New York City, he currently serves as a platforms engineering and technology risk executive at one of the top global financial institutions based on Wall Street, where he leads a team of technology and cyber risk software developers and risk managers. With extensive experience in the global financial sector, Richard is recognized for his expertise in cybersecurity, technology risk management, and regulatory compliance. In addition to his professional accomplishments, Rich is pursuing a doctoral degree in Educational Leadership, where he focuses on the intersection of technology and education. He is also an educator, teaching graduate courses on technology risk management and cybersecurity. Richard is deeply committed to fostering the next generation of technology leaders, particularly in underserved communities, and is in the process of establishing a Science, Technology, Engineering, and Mathematics (STEM) school for underprivileged youths, to be located in New York City and Johannesburg, South Africa.