About This Course

8 Weeks
Plus 1 Week Initial Orientation

8-10 Hours Per Week
Self Paced Entirely Online

Online Academy
Delivered Entirely Online

35 CPE / 84 CPD Points
Approved by Various Bodies

Continual Assessments

Next Course Starts March
Learning Modules Every Thursday

€1,950 (VAT Not Applicable)
*Grant Price: €1,495(Inc VAT)

The CCRO in 2 Mins

The Cyber Risk Officer course equips students with a comprehensive understanding of cyber risk management. The syllabus assumes a non-technical student and covers a range of topics from identification of cyber risks through to risk management options. The course has been designed to equip students with the knowledge, skills and confidence they require in order to protect the digital assets of their organisation and support the efforts of or lead the implementation of a cyber risk framework. 

Course Registration With Key Dates

Commences March 22nd 2021
Learning Modules Every Thursday

Date: Time: Event:
Mon Mar 22th 08:00 Orientation Module Available
Thu Mar 25th 08:00 Module 1 Available
Mon Mar 29th 13:00 Live ILT Session
Wed Mar 31st 17:00 Deadline to Complete Module 1 and Submit Assignment
Thu Apr 1st 08:00 Module 2 Available
Wed Apr 7th 17:00 Deadline to Complete Module 2 and Submit Assignment
Thu Apr 8th 08:00 Module 3 Available
Mon Apr 12th 13:00 Live ILT Session
Wed Apr 14th 17:00 Deadline to Complete Module 3 and Submit Assignment
Thu Apr 15th 08:00 Module 4 Available
Wed Apr 21st 17:00 Deadline to Complete Module 4 and Submit Assignment
Thu Apr 22nd 08:00 Module 5 Available
Mon Apr 26th 13:00 Live ILT Session
Wed Apr 28th 17:00 Deadline to Complete Module 5 and Submit Assignment
Thu Apr 29th 08:00 Module 6 Available
Wed May 5th 17:00 Deadline to Complete Module 6 and Submit Assignment
Thu May 6th 08:00 Module 7 Available
Mon May 10th 13:00 Live ILT Session
Wed May 12th 17:00 Deadline to Complete Module 7 and Submit Assignment
Thu May 13th 08:00 Module 8 Available
Wed May 19th 17:00 Deadline to Complete Module 8 and Final Exam
Course Completed – Results and Certifications Available

Grant Application - Ireland

*If you are employed in Ireland, you may be eligible for a significant subsidy for this course.

Grant in Collaboration With Technology Ireland ICT Skillnet

Video Testimonials

Dr Vince Hughes
Director, Crime Stoppers International
Stephen McCormack 
Head of IT, Maxol

Jennifer O’Brien
Lead in Group Internal Audit, Bank of Ireland

Audrey Barrett
Data Protection Officer, SIPTU

Written Testimonials

Richard Atterbury

"I would highly recommend the Certified Cyber Risk Officer course. It provides a good overview of the issues and risks associated with cyber security, without assuming a detailed technical knowledge. I have found the course to be very engaging, structured and well taught."

Richard Atterbury
Head of Cyber, Compliance - Barclays Bank PLC
Dr Vince Hughes

"Over my long career, I have experienced many courses from the perspective of a participant and a lecturer. I can honestly say the Certified Cyber Risk Officer stands as one of the best I have experienced. It is obvious the course has been developed by experts and has been designed primarily around the student, the content and the delivery. While the course is indeed intense, it is by no means overwhelming. Considering the subject matter, the ability to make the course easily digestible is a massive achievement and credit to the team involved. I would highly recommend this course to anyone who wants to understand and demystify the cyber world in which we now operate."

Dr Vince Hughes
CEO, Director - Crime Stoppers International & Crime Stoppers Australia
Keith Baxter

"A wealth of knowledge has been gained from the course.

Enjoyable and perfectly paced with some great real world insights."

Keith Baxter
CIO - Anthony Nicholas Group
Samantha Moolman

"I thought this course would be too technical for me not being in IT, but it is very well paced. The learning materials are easy to follow and concise and the forum collaboration and support is great. The course ties in so many factors across the business from board level to teams that give you a really well rounded approach to cyber security and you can see each week how you can apply this in your everyday roles. Highly recommended!!"

Samantha Moolman
Compliance Director, MLRO & DPO at SHH Operations
Audrey Barrett

This is truly an excellent course. The content is well planned and executed, with continuous reinforcement of important themes and teaching methods. The tutors knowledge and experience are invaluable. The interaction with other students proved valuable on aspects of the course and in the broader cyber risk landscape.

Audrey Barrett
Stephen McCormack

This is an excellent course full of information and relevant material for any organization. I have recently completed a Masters in Cyber Security and I would say this CCRO course has been more practical and useful in my day to day role. I would safely say the Head Tutor Paul C Dwyer knows everything there is to know about managing Cyber Risk in todays business environment.

Stephen McCormack
Head of IT - Maxol
Ayana Moore

"I really enjoyed the course. The format of delivery is via video as well as notes for those who prefer to read. Taking the different ways that people learn is appreciated. The information and examples referenced is relevant and current, which is important since the threats and tactics used is ever evolving. Would definitely recommend!"

Ayana Moore
Manager Monitoring and Testing
Neil Clark

"I work in the field of financial crime, mostly anti-money laundering, anti-corruption and fraud. Increasingly, cyber crime is impinging on every aspect of my work and consequently I really need to be well acquainted with the pertinent issues. This inspiring course is exactly what I have been looking for and is provides me with the kind of foundation that I can put into practice."

Neil Clark
Director - ABC Intelligence Ltd.
Mark Taylor

"We all know Cyber Security is important but do we genuinely understand the relevance to our role? The course is ideal for senior managers and those sitting on risks committees. It will give you the knowledge and confidence to take an active part in discussions concerning cyber risk and equip you to provide effective input into a subject which goes beyond tech."

Mark Taylor
Product Director - ICA
Chuck Georgo

"If you are the CEO of a company or organization that relies on information and communications technology to deliver your products and services, then you must appoint someone in your C-suite to serve as your Cyber Risk Officer and this is the course you must have them complete; you will sleep more soundly if you do."

Chuck Georgo
Executive Director - NOWHERETOHIDE.ORG
Pritesh Patel

"I have thoroughly enjoyed learning on this course. The content provided on this course is very informative using different methods such as videos and live ILT sessions. The tutor has been a great support throughout and provided great guidance."

Pritesh Patel
Network Specialist - Canada Life
Tristan Caley

"The CCRO course is an immersive 8 week learning experience. The material is expertly delivered by Paul C Dwyer and his team taking you on a journey that gives you a detailed understanding of the potential cyber threats to the business, the metrics to measure them and the tools to communicating the risks and control in the boardroom."

Tristan Caley
Manager - Financial Services
Simon Rafferty

"I'm finding the course fascinating and really well paced, I was a bit concerned about fitting in the course around my role but with the lectures being online and recorded if you can't make the slot its ideal. Would recommend to anyone interested in a Cyber Risk role."

Simon Rafferty
Financial Crime Analyst - MotoNovo Finance
Michel Schumacher

"I attended the course out of personal interest, without working in this particular area. It required some effort and dedication to get into the matter, but it was easily doable, due to the comprehensive course materials and the webinars. I learned a lot in this short amount of time."

Michel Schumacher
Senior Financial Crimes Compliance Manager - HSBC

We Partner With Industry Leaders

The Course Covers

This course brings you on a journey and commences with how to analyse the inherent cyber risk of your organisation. That includes areas such as:

  • Organisational Characteristics
  • Governance Structure
  • Technology Structure and Systems
  • Product / Service Delivery Channels
  • External Cyber Threats
We then gain an understanding of the current cyber risk status of the organisation holistically by exploring key control areas such as:
  • Cyber Risk Management and Oversight
  • Cyber Incident Management and Resilience
  • Cybersecurity Controls
  • Threat Intelligence and Collaboration
  • External Dependency – Vendor / Partner Risk

There is a focus on CRQ (Cyber Risk Quantification), meangingful metrics and how to support and develop a cyber strategy that supports your ERM (Enterprise Risk Management) program and business strategy.  Security standards, legal and compliance requirements are addressed throughout the material.  By the end of the course you will have gained the appropriate knowledge to build, implement or support a risk management framework for your organisation. 

The Course is For

The course syllabus has been specifically designed to be collaborative and bring together business leaders of various disciplines within an organisation. They are the key stakeholders in designing, implementing or supporting the cyber risk management program of an organisation. Key cyber risk management stakeholders include:

  • C-Suite
  • Head of IT/Security
  • CCO Chief Compliance Officer
  • Cyber Security/Risk/Compliance Teams
  • Legal
  • Procurement
  • Head of Business Units
  • Technology Leaders / Project Managers
  • Management Professionals / Team Leaders
  • Digital Consultants


Cyber Risk Leader
Develop and Implement Strategy

Cyber Security and Risk Teams
Collaborate and Support Enterprise

Gaining Recognition
Cyber Risk Management Specialist



The course is delivered over 8 weeks and preceded with an orientation module. Every Thursday a new module is added to the course. During the orientation module you will be introduced to your online teaching and technical support network and gain an understanding of the interface and tools. During the orientation phase you complete your student profile and gain an understanding of key milestones and how your assessments are calculated.  Training material comprises of rich interactive media such as videos, infographics, activities and course notes. There are many opportunities for collaborative learning via the discussion forums and you can leverage the portal to connect to other students around the world. During the course you can reference the case study example outlined in Module 1 or reference your own organisation. During the course students will develop a cyber strategy as part of their assessment, this can be based on their own organisation, the case study or a fictitious entity



Head Tutor
Subject Expert

Course Manager
One to One Student Support

Technical Support
Available to Solve Tech Issues

Social Learning
Student Network Collaboration

Extended Network of Material
Recommended External Material

Core Module Videos Have Captions



We explore the cyber threat landscape and gain an understanding of the key threat actors, their motivations and techniques. We review a number of high profile cyber attacks with a view to understanding why they were attacked and what could have been done to prevent the breach.  We outline a key “Case Study” example that is referenced through the rest of the course.

Module 1
  • Explore the cyber threat landscape
  • Cyber Threat Actors and Motivators
  • Categories of Cyber Threats
  • Underground Economy of Cybercrime
  • Crimeware and Examples
  • Cyber Warfare and Geopolitics
  • Attacks on Critical National Infrastructure including the Financial Sector
  • The Dark Web from Money Laundering to CaaS (Crime as a Service)
  • Anatomy of a Cyber Attack
  • Cyber Terrorism
  • Conclusion – We all Play a Part in Protecting Society from Cyber Threats
  • Case Study Video: The Cyber Attack on the US 2016 Elections – What We Can Learn
Video Tutorial: 01:11:00
Video Case Study: 00:42:12
Casebook: 85 Pages
Video Tutorial: 01:11:00
Video Case Study: 00:42:12
Casebook: 85 Pages
More Information



We outline the importance and the anatomy of a cyber strategy. How a cyber risk framework operates and how it integrates with the organisation. Understand the differences between standards, policies, procedures, legal and regulatory controls.  We outline how to identify the business value chain of an organisation and the importance of business systems, assets and entities that support that channel. 

Module 2
  • Outline the importance and the anatomy of a cyber strategy.
  • Principles of Cyber Security
  • Understanding Documents and Types
  • Asset VS Data VS Document VS Information Classification
  • Cyber Strategy Defined
  • Risk Management
  • Cyber Risk and the Board
  • Cyber DNA – Business Value Chain
  • Cyber Strategy Requirements
  • Regulatory, Legal and Business Drivers
  • Understanding Risk Language
  • Risk Management Options
  • Inherent Cyber Risk
  • Meaningful Metrics
  • Aligning Cyber Strategy with Business Strategy
  • The Cyber Strategy Challenge
  • Anatomy of a Cyber Strategy for Celtic Bank (Fictitious Global Bank)
  • Developing a Maturity Roadmap
  • Characteristics of a Cyber Assessment
  • Case Study Video: Cyber Risk Management in the Aviation Sector
Video Tutorial: 01:35:03
Video Case Study: 00:35:25
Casebook: 98 Pages
Video Tutorial: 01:35:03
Video Case Study: 00:35:25
Casebook: 98 Pages
More Information



We explore the traditional cyber metrics organisations leverage in relation to cyber security and risk and discuss “Meaningful Metrics” that empower the business. Calculating inherent cyber risk, residual cyber risk and aligning those metrics with business objectives. Informing and supporting the business with KPI’s (Key Performance Indicators) and KRI’s (Key Risk Indicators). Leveraging those metrics to develop appropriate maturity roadmaps and report and alert the business. 

Module 3
  • Understanding Risk and CRQ Cyber Risk Quantification
  • Quantitative vs Qualitative Risk
  • KRI Key Risk Indicators vs KPI’s Key Performance Indicators
  • Assessing Risk with Formulas
  • Risk Leverage – Cost Benefit Analysis
  • Examples of Real-Life Scenarios
  • Benefits of Measuring Cyber Risk
  • Understanding “Techie Metrics”
  • Vulnerability Scans – Understanding Reports
  • Environmental Scores – Relating it to Your Organisation
  • Establishing Metrics
  • Aligning Cyber Metrics to Business Strategy
  • Identifying What is Important to the Business
  • Measuring Inherent Risk
  • Measuring Maturity
  • Aligning with Guidance from FFIEC Federal Financial Institutions Examination Council
  • Metrics and the Cyber DNA of Your Business Model
  • Geopolitics and Influential Factors
  • Getting Started with Metrics and Empowering the Business
  • Case Study Video: Bank Heist – Stealing $45m from a Bank
Video Tutorial: 01:16:40
Video Case Study: 00:14:27
Casebook: 81 Pages
Video Tutorial: 01:16:40 Video Case Study: 00:14:27 Casebook: 81 Pages
More Information



The role of leadership, the governance structure and supporting processes are outlined. The challenge of resourcing, attracting new and developing in-house talent.  Establishing a culture of loyalty and business protection.  Identifying gaps in leadership and supporting  a meritocracy based on talent and ability.  Converging the physical security efforts with cyber to deliver a holistic program of protection for your organisation.

Module 4
  • Understanding Cyber Culture
  • The Role of Leadership
  • Policy and Trust
  • Converging Security Worlds
  • CISO Function Responsibilities
  • Attracting Talent
  • Understanding CISO and Cyber Leader Grades
  • Effective Cyber Security Training
  • Mentoring
  • Effective Communication
  • Trust Signals
  • Trust in Today’s World – Financial Sector
  • The Role of Compliance
  • Learning by Example – Lessons Learnt
  • HFT – High Frequency Trading and Geopolitics
  • Living in the Age of Accelerated Trust – Algorithms
  • Evolution of Trust – The “Trust Stack”
  • The Recipe – Components of a Cyber Risk Culture
  • Baking it In – Developing an Appropriate Cyber Risk Culture
  • Case Study Video: Cyber Insiders
Video Tutorial: 01:42:00
Video Case Study: 00:32:00
Casebook: 93 Pages
Video Tutorial: 01:42:00 Video Case Study: 00:32:00 Casebook: 93 Pages
More Information



Understanding the complex myriad of cyber related laws, regulations and business requirements is a challenge. In this module, we outline International landscape of key laws and regulations including GDPR and the NIS Directive. Developing an approach to understanding how to identify what is relevant and may impact your current or future business model. We outline key approaches to identifying the nexus of control requirements and driving efficiency by aligning business, legal and regulatory drivers with business drivers.

Module 5
  • Computer Misuse Legislation
  • Cyber Strategy Requirements and Legal Components
  • Transatlantic Cyber Security
  • Budapest Convention of Cybercrime
  • Directors Responsibility
  • Impact of Brexit
  • Polices, Acts, Laws and Regulations
  • Types of Legal Systems
  • Trade Secret Law
  • Employee and Contractor Privacy Challenges
  • Due Care and Due Diligence
  • Liabilities and Ramifications
  • Ethics and Moral Compass
  • The Compliance Cog
  • Different Jurisdictions
  • California vs Ohio – Notice of Security Breach Regulation
  • NY Department of Financial Services – Cyber Security Regulations
  • HIPAA Health Insurance Portability and Accountability Act
  • GLBA Gramm Leach-Bliley Act
  • FISMA Federal Information Security Management Act
  • Cyber Security Laws in Emerging Economies
  • Non-Regulatory: PCI DSS Payment Card Industry Data Security Standards
  • ISO27001 Information Security Management System
  • NIS Directive – EU Operators of Essential Services
  • NIST Cyber Security Framework
  • G7 Cyber Fundamentals
  • The Cyber Legal Challenge
  • How to Mitigate
  • Mandatory Breach Notification
  • Case Study Video: Cyber Ethics
Video Tutorial: 01:11:00
Video Case Study: 00:42:12
Casebook: 85 Pages
Video Tutorial: 01:29:14 Video Case Study: 00:34:23 Casebook: 101 Pages
More Information



We outline the minimum expectations of regulators when it comes to establishing cyber resilience.  Understanding preventative, detective and responsive controls. Best practices in aligning business continuity, disaster recovery and incident response with a program of cyber resilience. We outline the appropriate response to a breach. We focus on key aspects such as detection, communication and containment. We leverage the case study to outline the key aspects and learning points such as proactive strategies to detect an incident and containment strategies to mitigate the impact. 

Module 6
  • The Reality – Cyber Attacks are Inevitable
  • Cyber Resilience Defined
  • Understanding the Components of Incident Response and Cyber Resilience
  • Cyber Intelligence
  • Understanding Incident Response Management
  • 10 Steps to Incident Response Management
  • Prevention – Assessments and Risk Management
  • Planning – Documentation – IR Teams and Communication Plans
  • Preparation – Reporting Mechanisms – Documentation – Testing
  • Detection – Identification – Tools – Analysis – Categorization – Documentation
  • Analysis – Situational Awareness – Categorization – Documentation
  • Containment – Stopping the Spread – Evidence – Forensics
  • Communication – Key Stakeholders – Internal – External
  • Eradication – Root Cause Identification – Verification
  • Recovery – Testing – Monitoring
  • Post Incident Analysis – Lessons Learned – Improvement Feedback Loop
  • Case Study Video: Covid 19 Impact – Cyber Resilience
Video Tutorial: 01:41:59
Video Case Study: 00:44:26
Casebook: 126 Pages
Video Tutorial: 01:41:59 Video Case Study: 00:44:26 Casebook: 126 Pages
More Information



Every business is comprised of a business value chain. That is the various “links” or parts of the business that support the delivery of a particular service or channel. These links are often provided by third party partners, vendors or remote workers. We explore, how to identify, analyse, manage and report the associated risk to the business. The impact of the paradigm shift in the legal landscape including GDPR and how that factors into your approach. 

Module 7
  • Understanding the Supply Chain
  • C-SCRM Cyber Supply Chain Risk Management
  • Business Value Chain and Business Strategy
  • Supply Chain Risks – Interconnectedness and Interdependencies
  • Understanding Digital Assets
  • Traditional Approach – Broken Process and Not Appropriate
  • Analyzing Your Business Value Chain
  • Key Risk Indicators – Understanding Metrics
  • Aggregated Risk Across the Supply Chain
  • Key Principles
  • Assets – The Importance
  • KYS – Know Your Supplier
  • Risk Assessing Third Parties
  • Communicating with Suppliers and Business Partners
  • Define Minimum Standards
  • Supplier Contracts
  • Meeting the Challenge and Criteria in the Chain
  • Spread the Word – Collective Responsibility
  • Reporting – Defining the Process
  • Assurance – Right to Audit – Evidence – KPI’s
  • Improve – Continuous Journey
  • Build Trust – Partner – Shared Mission
  • Review Real-Life Examples of Attacks in the Supply Chain
  • Remote Workers – WFH – The Risk Reality – Steps to Take
  • Legal and Compliance Exposure of the Supply Chain
  • Risk Team and Procurement
  • Case Study Video: Supply Chain Attack – TalkTalk
Video Tutorial: 01:21:36
Video Case Study: 01:11:40
Casebook: 115 Pages
Video Tutorial: 01:21:36 Video Case Study: 01:11:40 Casebook: 115 Pages
More Information



In this module, we outline how to put everything you have learned together. Students leverage the case study or their own organisations to develop a complete cyber risk strategy. Dissecting the Cyber DNA of the business, establishing key metrics and a maturity roadmap. Aligning with the business strategy and establishing a board level reporting process. Developing processes to measure and manage the implementation of the cyber risk strategy and report the RoI to the business. 

Module 8
  • Putting it Together – Case Study Celtic Bank
  • Cyber Strategy
  • Business Value Chain
  • Cyber DNA
  • Cyber Requirement Drivers – Legal – Business – Regulatory
  • Risk Matrix
  • SMART Metrics
  • Status Check: Performing a Cyber Assessment of Framework
  • NIST CSF Cyber Security Framework
  • Context and Benefits of NIST CSF
  • Framework Core – Anatomy of NIST CSF
  • Informative References
  • Identify
  • Protect
  • Detect
  • Respond
  • Recover
  • Implementation Tiers
  • Tier 1 – Partial
  • Tier 2 – Risk Informed
  • Tier 3 – Repeatable
  • Tier 4 – Adaptive
  • Current State vs Target State
  • Coordination of Implementation
  • Lifecycle of Digital Transformation
  • Establishing a Cyber Risk Program
  • Prioritize and Scope
  • Orient and Contextualize
  • Current Status – Create a Profile
  • Conducting a Risk Assessment
  • Create a Target Profile
  • Determine, Analyze and Prioritize Gaps
  • Implement Action Plan
  • Communicating with Stakeholders
  • Financial Services Profile – Financial Services Sector Coordinating Council
  • Case Study Video: Cyber Evil – Why We Must Work Together to Defeat Cyber Threats
Video Tutorial: 01:12:17
Video Case Study: 01:02:40
Casebook: 107 Pages
Video Tutorial:01:12:17 Video Case Study:01:02:40 Casebook:107 Pages
More Information

About The ICTTF

The ICTTF – International Cyber Threat Task Force was established in 2010 as a not for profit initiative promoting the ecosystem of an international independent non-partisan cyber security community.  We have been committed to fostering collaboration, networking and knowledge sharing for almost ten years now.

Over that decade, we have constantly innovated on how best to achieve our mission. From online community portals, apps, local membership chapters and International events we have strived to work with our thousands of members from around the world.

Our mantra is “It Takes a Network to Defeat a Network” and our primary objective to foster collaboration and networking has been immensely successful, with our events culminating every year with our annual EU Cyber Summit.

The “bad guys” are strong, highly organised and well trained. Knowledge is power and power is strength. The ICTTF was born in Ireland and when launched used the slogan “Ní neart go cur le chéile” which in English translates to “There is no Strength Without Unity”. To be strong we all need knowledge and that is why we have developed this online training academy, so organisations can get their staff cyber strong and unified.

We will continue to work with our cadre of global cyber security, risk and privacy experts to develop the world’s best cyber academy.  Our first offering is our CCRO (Certified Cyber Risk Officer) course and is designed as a non-technical syllabus for business leaders. The success of the CCRO course has led to the development of our second training syllabus AKA the CCRS. The CCRS – Certified Cyber Risk Specialist course is completely aligned with the format and material of the CCRO course. The main difference is in the CCRS course, you do not partake in the live ILT (Instructor Led Training) sessions, assignments or have access to the bonus training material modules.’


Paul C Dwyer – President of the ICTTF International Cyber Threat Task Force

Paul has been certified an industry professional by the International Information Security Certification Consortium (ISC2) and the Information System Audit and Control Association (ISACA) and selected for the IT Governance Expert Panel.
Paul is an honorary fellow of the ICS Irish Computer Society, approved by the National Crime Faculty and the HTCN High Tech Crime Network.
Paul has worked extensively around the world and his diverse career spans more than 25 years working with military, law enforcement, and the commercial sector. His roles have included:

  • President of the ICTTF International Cyber Threat Task Force
  • Co Chairman of the UK NCA National Crime Agency Industry Group
  • Advisor to NaCTSO (National Counter Terrorism Security Office)
  • Advisor to NATO on Countering Hybrid Cyber Threats
  • Advisor to UK Defence Committee DEFCOM in Parliament
  • Deputy Chair – Organised Crime Task Force Industry Group – NI
  • Interim Global CISO for numerous multi national organisations
  • Advisor to numerous governments and intelligence agencies

A prolific contributor to the industry and media, Paul is a professional public speaker and industry evangelist. He has also authored a number of industry works including a book aimed at boards of director entitled – “The Art of Cyber Risk Oversight”.
As an industry networker Paul is a member of a number of distinct groups including the IoD (Institute of Directors), IIEA (Institute of International and European Affairs) and the IRM (Institute of Risk Management).
As an accomplished serial entrepreneur he has successfully built a number of security practices in the UK & Ireland and in 2016 was identified by Business and Finance as one of Ireland’s Top 100 CEOs.
Paul started his career as a technical networking specialist, he then specialised, trained and qualified in a number of disciplines including but not limited to ethical hacking, forensics, international management systems, risk management, business continuity, international governance frameworks, financial service regulations, cyber laws and project management.

Paul is a native of Dublin, Ireland, lives there with his wife, daughter and Bernese mountain dog children

Paul C Dwyer CEO - BIO

“An eye opening course bringing to life exactly what a CISO is and maybe more importantly what is isn’t. Many lightbulb moments that will help refocus how to better align security with the business, and what it takes to be successful.” Mark Conabeare – CISO Debenhams

“An eye opener giving a global picture backed up with real world examples, Great Knowledge.” Shane O’Reilly – Head of IT – Total Produce

“Quality course content explained in easy to connect real life situations. Highly knowledgeable professionals in the world of cyber and reality.” Gerard Clear – Head of IT – Cabot Financial


Step One: Apply for Enrolment and Pay the Course Fees.

The application process commences as soon as you enrol and pay for the course online. This application process includes an evaluation of your professional experience and if you are accepted you are enrolled for the online course. If your enrolment is rejected, you will receive a 100% refund and be notified generally within 72 hours.

The CCRO online course includes continual evaluation of your performance and competency via online exams, written assignments and ILT sessions. The CCRS course is based on only module related online exams.

If you meet all the certification requirements which includes the professional experience prerequisite, adoption of the ICTTF Code of Ethics and successful performance on the required curriculum and competency evaluation, you will be certified and entitled to all of the rights and privileges associated with the designation. You need to recertify every three years.

Certification is by the board of the ICTTF International Cyber Threat Task Force and accredited by the ICA International Compliance Association.

A Cyber Risk Officer is an individual with the knowledge, skills and experience to develop, implement or support a cyber security, risk and/or privacy program at an organization. It is often a secondary role to a primary role such as CISO or CCO. Aspiring CISO’s and other business leaders often become certified cyber risk officers in order to augment and/or validate their background for new challenges and roles, including board levels positions such as NxD’s.

There is a Global IT security skills shortages and it has now surpassed four million according to a recent industry survey.

The number of unfilled positions now stands at 4.07 million professionals, up from 2.93 million this time last year. This includes 561,000 in North America and a staggering 2.6 million shortfall in APAC. The shortage of skilled workers in the industry in Europe has soared by more than 100% over the same period, from 142,000 to 291,000.

The global security workforce needs to increase by a staggering 145% to cope with a surge in hiring demand. In Europe, this has come particularly in smaller companies with one-99 employees, as well as those with over 500 employees.

In the report, over half (51%) of cybersecurity professionals said their organisation is at moderate or extreme risk due to staff shortages.

No. The syllabus has been developed for a non-technical audience. When technical concepts are referenced in any way, they are fully explained.

It is assumed that you have very limited IT technical knowledge. This course is for business leaders and provides them with the knowledge, skill and confidence to liaise with technical subject matter experts by demystifying the jargon and concepts.

A CCRO Certification lasts for three years from the date awarded. From June 2023 a recertification exam will be available online at www.icttf.org

There will be a fee of €500 for the recertification exam or any resits required. 

If students elect to recertify by re-enrolling in the course, they have that option and will receive €500 discount off the cost of the CCRO course.  

A CCRS Certification lasts for three years from the date awarded. From June 2023 a recertification exam will be available online at www.icttf.org

There will be a fee of €200 for the recertification exam or any resits required. 

If students elect to recertify by re-enrolling in the course, they have that option and will receive €200 discount off the cost of the CCRS course. 

The ICTTF – CCRO (Certified Cyber Risk Officer) course is delivered entirely online with a combination of live ILT (Instructor Led Training) sessions with the Head Tutor, recorded videos, downloadable case books and interactive material.

Course Overview

This is an eight week course prefaced by an “Orientation Module”.

Orientation Module

Overview: Introduction outlining the features of the online campus portal. Students get an opportunity to complete their online student profiles. Introductions to key support contacts.

Format: Video, PDF

Following the orientation module, each module becomes available on the Thursday morning of each week at 08:00 (Local Time – Dublin, Ireland).

Each module is comprised of the following materials:

  1. Reading Material (Case books and References in PDF Format)
  2. Video (Covering the Module Topic)
  3. Live ILT session with Head Tutor (Live every second week at 13:00 and available recorded
  4. Case Study: Video
  5. Online Assessment/Exam
  6. *Assignment (Written assignments are due by following Wed 12:00)

*There is a written assignment as part of the first 7 modules.

The structure of all educational modules (1-8) are very similar.

For the CCRO course, it is advised  for the student to make an estimated commitment of 8-10 hours per week for each module.

These assignments contribute towards the continuous evaluation of students and form part of their overall assessment and scoring.

Successful Certification and Scoring

The pass mark for successful certification on the CCRO course is 80%

Students are continually evaluated during the course. 

Each Week There is an Online Module Assessment/ Exam – 8 in Total 

For the First 7 Modules – There are also Written Assignments that have to be Submitted Each Week – 7 in Total

Scores are averaged across all 15 (exams + assignments) evaluated areas. The total average score across all assignments and exams is used to determine if a student is successfully certified. 

March 2021 – Course

Mon Mar 22th08:00Orientation Module Available
Thu Mar 25th08:00Module 1 Available
Mon Mar 29th13:00Live ILT Session
Wed Mar 31st17:00Deadline to Complete Module 1 and Submit Assignment
Thu Apr 1st08:00Module 2 Available
Wed Apr 7th17:00Deadline to Complete Module 2 and Submit Assignment
Thu Apr 8th08:00Module 3 Available
Mon Apr 12th13:00Live ILT Session
Wed Apr 14th17:00Deadline to Complete Module 3 and Submit Assignment
Thu Apr 15th08:00Module 4 Available
Wed Apr 21st17:00Deadline to Complete Module 4 and Submit Assignment
Thu Apr 22nd08:00Module 5 Available
Mon Apr 26th13:00Live ILT Session
Wed Apr 28th17:00Deadline to Complete Module 5 and Submit Assignment
Thu Apr 29th08:00Module 6 Available
Wed May 5th17:00Deadline to Complete Module 6 and Submit Assignment
Thu May 6th08:00Module 7 Available
Mon May 10th13:00Live ILT Session
Wed May 12th17:00Deadline to Complete Module 7 and Submit Assignment
Thu May 13th08:00Module 8 Available
Wed May 19th17:00Deadline to Complete Module 8 and Final Exam
Course Completed – Results and Certifications Available

June 2021 – Course

Mon Jun 21st08:00Orientation Module Available
Thu Jun 24th08:00Module 1 Available
Mon Jun 28th13:00Live ILT Session
Wed Jun 30th17:00Deadline to Complete Module 1 and Submit Assignment
Thu Jul 1st08:00Module 2 Available
Wed Jul 7th17:00Deadline to Complete Module 2 and Submit Assignment
Thu Jul 8th08:00Module 3 Available
Mon Jul 12th13:00Live ILT Session
Wed Jul 14th17:00Deadline to Complete Module 3 and Submit Assignment
Thu Jul 15th08:00Module 4 Available
Wed Jul 21st17:00Deadline to Complete Module 4 and Submit Assignment
Thu Jul 22nd08:00Module 5 Available
Mon Jul 26th13:00Live ILT Session
Wed Jul 28th17:00Deadline to Complete Module 5 and Submit Assignment
Thu Jul 29th08:00Module 6 Available
Wed Aug 4th17:00Deadline to Complete Module 6 and Submit Assignment
Thu Aug 5th08:00Module 7 Available
Mon Aug 9th13:00Live ILT Session
Wed Aug 11th17:00Deadline to Complete Module 7 and Submit Assignment
Thu Aug 12th08:00Module 8 Available
Wed Aug 18th17:00Deadline to Complete Module 8 and Final Exam
Course Completed – Results and Certifications Available

September 2021 – Course

Mon Sep 13th08:00Orientation Module Available
Thu Sep 16th08:00Module 1 Available
Mon Sep 20th13:00Live ILT Session
Wed Sep 22nd17:00Deadline to Complete Module 1 and Submit Assignment
Thu Sep 23rd08:00Module 2 Available
Wed Sep 29th17:00Deadline to Complete Module 2 and Submit Assignment
Thu Sep 30th08:00Module 3 Available
Mon Oct 4th13:00Live ILT Session
Wed Oct 6th17:00Deadline to Complete Module 3 and Submit Assignment
Thu Oct 7th08:00Module 4 Available
Wed Oct 13th17:00Deadline to Complete Module 4 and Submit Assignment
Thu Oct 14th08:00Module 5 Available
Mon Oct 18th13:00Live ILT Session
Wed Oct 20th17:00Deadline to Complete Module 5 and Submit Assignment
Thu Oct 21st08:00Module 6 Available
Wed Oct 27th17:00Deadline to Complete Module 6 and Submit Assignment
Thu Oct 28th08:00Module 7 Available
Mon Nov 1st13:00Live ILT Session
Wed Nov 3rd17:00Deadline to Complete Module 7 and Submit Assignment
Thu Nov 4th08:00Module 8 Available
Wed Nov 10th17:00Deadline to Complete Module 8 and Final Exam
Course Completed – Results and Certifications Available


A booking online reserves your place, this does not guarantee your place.

Only payment in full of the course fees will guarantee your place.

You will be sent a registration email to complete your profile once payment in full has been received.

Course Cancellation

Due to unforeseen circumstances, ICTTF Ltd may be compelled to cancel the course at short notice. In such circumstances, registrants will be entitled to a full refund of their course fee, or the course fee can be credited towards a future course.


Notice of a registrant’s intention to cancel their registration must be made in writing ([email protected] ) to ICTTF Ltd.

In such cases, registrants will have the following options:

·       Nominate a replacement to attend in their place. Such notice must be made in writing at least 5 days before the commencement of the course

·       Defer to a course commencing at a later date. Such notice must be made within 10 days of the commencement of the course and is subject to availability.

·       Registrants who fail to attend the course  will be charged 100% of the full fee.

Substitutions/ Replacements

Where a registrant who has to cancel nominates a suitable replacement to attend in their place, no cancellation penalty will be incurred. The suitable replacement must meet the Entry Requirements for the course.


Participants wishing to transfer to a later date will be billed a 10% administration fee plus any increase in the price of the course.

Changes to course

ICTTF reserves the right to change course content, structure, lecturers and dates

CCRO CCRS Individual Modules
8 Modules YES YES NO – each module sold separately
Weekly Exams YES YES YES – one per module
Assignments YES NO YES – one per module
Live Sessions YES NO NO
Access to Head Tutor YES YES YES
Bonus Material YES NO NO
Duration 8 weeks 90 days You have access to each module for 90 days*
Cost €1,950.00 €800.00 €500 per module
* – All 8 modules must be completed within 365 days to be eligible for the CCRO accreditation.

Please follow this link to the Cyber Risk Academy terms and conditions: Terms and Conditions


Confirm Navigation

You will be sent to the Technology Ireland ICT Skillnet website to apply for the grant