CERTIFIED CYBER RISK OFFICER

Material Aligned with NIS2 and DORA Regulations

ABOUT THIS COURSE


The Certified Cyber Risk Officer (CCRO) course equips professionals with the essential knowledge and skills to strategically manage cyber risk within their organisations. This specialised, updated edition references the global financial industry and ensures compliance with the Digital Operational Resilience Act (DORA) and other key regulations such as NIS2.
8 Weeks
8-10 Hours Commitment Per Week
Self Paced Entirely Online
Online Academy
Delivered Entirely Online
80 CPD Points
Approved by Various Bodies
Certification
Continual Assessment via Online Exams and Written Assignments
Next Course: Jan 9th, 2024
€2,499 (VAT Not Applicable)

This Course is AI Enabled with Our Interactive DORAGPT Generative AI Tool

CCRO COURSE OVERVIEW



  • Comprehensive Understanding: From identifying cyber risks to implementing effective risk management frameworks.
  • Strategic Management: Learn to manage and communicate cyber risk strategically within an organisation.
  • Real-World Application: Engage with practical case studies and receive one-on-one feedback from experienced tutors.
  • Cyber Leadership: Develop leadership skills to establish a culture of cyber resilience and protect digital assets.
  • Regulatory Compliance: Navigate the complexities of international cyber laws and regulations, ensuring your organisation meets industry standards.
  • Cyber Compliance: Referencing the Digital Operational Resilience Act (DORA) requirements with integrated case studies and real-world scenarios.

Prerequisite Qualifications for Enrolment

Before enrolling in this course, students are required to have one of the following qualifications:

  • CCRO - Certified Cyber Risk Officer (Previous Revision)
  • CCRS - Certified Cyber Risk Specialist
  • NCSE - NIST Cyber Security Expert
  • DCCS - DORA Certified Compliance Specialist

If you do not hold any of the above qualifications, you may still be eligible for the course based on other relevant qualifications or professional experience. We encourage you to contact us to discuss your individual situation and clarify your eligibility further.



What Does The Course Cover?


“Learn how to understand, manage, and communicate cyber risk strategically within an organisation.”

This course is designed for non-technical professionals and takes students on a comprehensive journey from understanding the cyber threat landscape to developing a robust cyber strategy for their organisation. Here’s what you can expect:

  1. Comprehensive Learning Modules:

    • Each Thursday, a new module is released, featuring approximately 2 hours of HD video training, complete with captions and PDF casebook files.
    • Topics range from cyber risk identification to implementing effective risk management frameworks.
  2. Interactive Learning Experience:

    • Engage with DORAGPT, our AI-powered interactive tool, to enhance your learning experience and apply theoretical concepts in real-world scenarios.
  3. Real-World Application:

    • Reference real-life case studies and pragmatic examples to understand how to manage cyber risk within an organization.
    • Weekly written assignments challenge you to apply your knowledge to practical scenarios, such as crafting memos to senior leadership or requesting budgets for cybersecurity initiatives.
  4. Personalised Support:

    • Receive one-on-one feedback from your tutor every week.
    • Participate in live Instructor-Led Training (ILT) sessions every Tuesday via Zoom to interact with peers and seek clarifications.
  5. Continual Assessments:

    • Weekly online exams with 50 multiple choice questions ensure you stay on track.
    • Open book format with answers available in the training materials.
  6. Practical Outcomes:

    • Develop leadership skills to foster a culture of cyber resilience.
    • Navigate the complexities of international cyber laws and regulations, including GDPR and DORA, to ensure your organization meets industry standards.
    • Master the Digital Operational Resilience Act (DORA) through integrated case studies and practical applications.

Who Should Enrol: “If you are on a board or report to senior leaders in relation to cyber risk, this course is ideal for you.”

This course is perfect for C-Suite executives, IT heads, compliance officers, cybersecurity teams, and anyone involved in managing cyber risk within an organisation.


Explore The Modules

MODULE 1

UNDERSTANDING CYBER RISKS AND THE FINANCIAL SECTOR

Overview of Cyber Threat Landscape:

We explore the cyber threat landscape, key threat actors, their motivations, and techniques.

Case Studies:

We review high-profile cyber attacks to understand why they occurred and what could have been done to prevent them.

DORA Alignment:

We introduce the five pillars of DORA and how they relate to understanding and mitigating cyber risks in the financial sector.

MODULE 2

DEVELOPING A FINANCIAL SECTOR CYBER STRATEGY

Cyber Strategy Anatomy:

We outline the importance and structure of a cyber strategy, including integration with organisational frameworks.

Business Value Chain:

We identify the business value chain and the importance of business systems, assets, and entities, including Critical Important Business Functions (CIBF).

DORA Compliance:

Discuss how to align the cyber strategy with DORA requirements, focusing on ICT risk management and digital operational resilience.

MODULE 3

CRQ – CYBER RISK QUANTIFICATION AND METRICS

Cyber Metrics:

We explore traditional and "meaningful" cyber metrics that empower the business.

Risk Calculation:

Calculate inherent and residual cyber risks, aligning metrics with business objectives.

DORA Metrics:

Develop metrics that support DORA compliance, including key performance indicators (KPIs) and key risk indicators (KRIs) for ICT risk management and incident reporting.

MODULE 4

CYBER LEADERSHIP AND GOVERNANCE 

Leadership Role:

Outline the role of leadership, governance structures, and supporting processes.

Talent Development:

Address resourcing challenges, talent development, and establishing a culture of loyalty and business protection.

DORA Governance:

Emphasise the importance of leadership in implementing DORA requirements and fostering a culture of digital operational resilience.

MODULE 5

CYBER RISK AND THE LAW

Legal Landscape:

Understand the complex landscape of cyber-related laws, regulations, and business requirements.

International Regulations:

Outline key laws and regulations, including GDPR and the NIS2 Directive.

DORA Legal Compliance:

Develop approaches to align business, legal, and regulatory drivers with DORA requirements, focusing on ICT risk management and incident reporting.

MODULE 6

CYBER RESILIENCE AND INCIDENT MANAGEMENT

Regulatory Expectations:

Outline minimum regulatory expectations for cyber resilience.

Control Alignment:

Align business continuity, disaster recovery, and incident response with cyber resilience programs.

DORA Incident Management:

Focus on detection, communication, and containment strategies in line with DORA's ICT-related incident management and reporting requirements.

MODULE 7

THIRD PARTY CYBER RISK IN THE FINANCIAL SECTOR

Business Value Chain:

Identify, analyse, manage, and report risks associated with third-party partners, vendors, and remote workers.

Legal Impact:

Understand the impact of GDPR and other legal requirements on third-party risk management.

DORA Third-Party Risk:

Incorporate DORA's requirements for managing ICT third-party risk, including training and compliance for third-party service providers.

MODULE 8

IMPLEMENTING A CYBER RISK STRATEGY

Strategy Development:

Leverage case studies or organisational examples to develop a comprehensive cyber risk strategy.

Cyber DNA:

Dissect the Cyber DNA of the business, establish key metrics, and create a maturity roadmap.

DORA Integration:

Align the cyber risk strategy with DORA requirements, establish board-level reporting processes, and develop measures to manage and report the implementation of the strategy.

Who Is the Course For?


The Certified Cyber Risk Officer (CCRO) course is ideal for professionals who are responsible for cyber risk management, or who report to the management board. This course is particularly beneficial for those tasked with ensuring compliance with the Digital Operational Resilience Act (DORA). It has been specifically designed to foster collaboration among business leaders across various disciplines within an organisation.

Key Stakeholders Who Will Benefit:

  • C-Suite Executives: CEOs, CFOs, COOs, and other senior executives responsible for strategic decision-making and overall organisational risk management.
  • CISO/CSO/CIO or CRO: Chief Information Security Officers, Chief Security Officers, Chief Information Officers, and Chief Risk Officers who oversee the organisation’s cybersecurity posture and risk management strategies.
  • Heads of IT/Security: Leaders managing the IT and security departments, ensuring the integrity and security of the organisation’s information systems.
  • Chief Compliance Officers (CCO): Professionals ensuring that the organisation adheres to regulatory requirements and internal policies, especially regarding cyber risk and resilience.
  • Cyber Security/Risk/Compliance Teams: Teams dedicated to managing cybersecurity threats, assessing risks, and ensuring compliance with industry standards and regulations.
  • Legal and Procurement Professionals: Legal advisors and procurement officers who need to understand cyber risk implications for contractual agreements and regulatory compliance.
  • Heads of Business Units: Leaders of various business units who must integrate cyber risk management into their operational strategies.
  • Technology Leaders / Project Managers: Professionals overseeing technology projects, ensuring that cybersecurity measures are incorporated into project planning and execution.
  • Management Professionals / Team Leaders: Mid-level managers and team leaders who need to understand and mitigate cyber risks within their areas of responsibility.
  • Digital Consultants: Advisors who provide strategic guidance on digital transformation and cybersecurity to organisations.

This course is essential for those involved in designing, implementing, or supporting a cyber risk management program. It equips participants with the knowledge and skills to protect their organisation's digital assets, ensure compliance with DORA, and foster a culture of cyber resilience.

IDEAL TRAINING COURSE FOR
Cyber Risk Leader
Develop and Implement Strategy
Gaining Recognition
Cyber Risk Management Specialist
Cyber Security and Risk Teams
Collaborate and Support Enterprise

What Support Do I Get?


  • Head Tutor: Subject Expert
  • Course Manager: One to One Student Support
  • Technical Support: Available to Solve Tech Issues
  • Social Learning: Student Network Collaboration
  • Extended Network of Material: Recommended External Material
  • Subtitles/CC: Core Module Videos Have Captions

Head Tutor


Paul C Dwyer – President of the ICTTF International Cyber Threat Task Force

Paul C Dwyer is recognised as one of the world’s foremost experts on cyber security, risk and privacy. As CEO of Cyber Risk International he specialises in corporate and enterprise security, development of cyber defence programs, and business operations protection for CRI clients. As founder and President of the ICTTF International Cyber Threat Task Force he is an advocate for diversity in the industry and leads a community of over 30,000 with a common goal to defeat cyber evil.
Certified as an industry professional by the International Information Security Certification Consortium (ISC2) and the Information System Audit and Control Association (ISACA), and approved by the National Crime Faculty and the HTCN High Tech Crime Network, he has worked extensively around the world. His diverse career spans more than 30 years working with military, law enforcement and the commercial sector.
Roles have included:
  • President of the ICTTF International Cyber Threat Task Force
  • Co Chairman of the UK NCA National Crime Agency Industry Group
  • Advisor to NaCTSO (National Counter Terrorism Security Office)
  • Advisor to NATO on Countering Hybrid Cyber Threats
  • Advisor to UK Defence Committee DEFCOM in Parliament
  • Deputy Chair – Organised Crime Task Force Industry Group – NI
  • Interim Global CISO for numerous multi national organisations
  • Advisor to numerous governments and intelligence agencies
“An eye opening course bringing to life exactly what a CISO is and maybe more importantly what it isn’t. Many lightbulb moments that will help refocus how to better align security with the business, and what it takes to be successful.” Mark Conabeare – CISO Debenhams

“An eye opener giving a global picture backed up with real world examples, Great Knowledge.” Shane O’Reilly – Head of IT – Total Produce

What Our Students Say


Jennifer O’Brien

Lead in Group Internal Audit, Bank of Ireland

Dr Vince Hughes

Director, Crime Stoppers International

Stephen McCormack 

Head of IT, Maxol

Audrey Barrett

Data Protection Officer, SIPTU
 I would highly recommend the Certified Cyber Risk Officer course. It provides a good overview of the issues and risks associated with cyber security, without assuming a detailed technical knowledge. I have found the course to be very engaging, structured and well taught. 

Richard Atterbury
Head of Compliance Cyber Security - Barclays Bank PLC

I'm finding the course fascinating and really well paced. I was a bit concerned about fitting in the course around my role, but with the lectures being online and recorded, if you can't make the slot it's ideal. Would recommend to anyone interested in a Cyber Risk role.

Simon Rafferty
Financial Crime Analyst - MotoNovo Finance

I cannot recommend the CCRO course enough. The team were incredibly supportive and the course itself was presented in an easy to follow, non-technical manner. I am looking forward to putting some of the learning into practice.

Tracey Gernon
Senior Risk Manager - EML


I'm finding the course fascinating and really well paced. I was a bit concerned about fitting in the course around my role, but with the lectures being online and recorded, if you can't make the slot it's ideal. Would recommend to anyone interested in a Cyber Risk role.

Michel Schumacher
Senior Financial Crimes Compliance Manager - HSBC


FAQ


How Do I Get Certified?


  • Apply for Enrollment and Pay the Course Fees

To begin the certification process, follow these steps:

  1. Enroll and Pay:

    • Start the application process by enrolling and paying the course fees online.
  2. Course Participation:

    • Engage in the CCRO online course, which includes ongoing evaluation through online exams, written assignments, and Instructor-Led Training (ILT) sessions.
  3. Achieve Certification Requirements:

    • Adhere to the ICTTF Code of Ethics.
    • Successfully complete the required curriculum.
    • Achieve an average score of 80% or higher across all exams and assignments.
  4. Certification:

    • Upon meeting all the requirements, you will be certified and gain all the rights and privileges associated with the designation.
  5. Re-Certification:

    • Maintain your certification by re-certifying every three years.

Certification is overseen by the board of the ICTTF International Cyber Threat Task Force and accredited by the ICA International Compliance Association.

What is a Cyber Risk Officer?


The Leadership Role of a Certified Cyber Risk Officer (CCRO) in the Financial Sector

A Certified Cyber Risk Officer (CCRO) in the financial sector, particularly with a focus on the Digital Operational Resilience Act (DORA), plays a pivotal leadership role in safeguarding the organization's digital assets and ensuring regulatory compliance. Here’s how:

1. Comprehensive Knowledge and Skills:

  • Cyber Security: Develop, implement, or support comprehensive cyber security programs that protect the organization from cyber threats.
  • Risk Management: Establish robust risk management frameworks that align with the organization’s strategic objectives and regulatory requirements.
  • Privacy Programs: Ensure compliance with data privacy regulations, mitigating risks associated with data breaches and non-compliance.

2. Strategic Implementation:

  • Integration with Business Goals: Align cyber risk management strategies with the organization’s business goals and operations, ensuring a seamless integration of security measures into everyday business practices.
  • Regulatory Compliance: Lead the organization in meeting the stringent requirements of DORA, ensuring operational resilience and compliance with international financial regulations.

3. Leadership and Influence:

  • Secondary Role to Primary Functions: Often, a CCRO role complements primary roles such as Chief Information Security Officer (CISO) or Chief Compliance Officer (CCO), providing specialized expertise in cyber risk management.
  • Aspiring Leaders: Aspiring CISOs and other business leaders pursue CCRO certification to enhance their credentials, preparing them for advanced roles and board-level positions such as Non-Executive Directors (NxDs).

4. Board-Level Engagement:

  • Advisory Role: Act as a key advisor to the board, providing insights into cyber risk trends, potential impacts, and strategic responses.
  • Communication: Effectively communicate complex cyber risk issues and strategies to senior leadership and board members, ensuring informed decision-making.

5. Continuous Improvement and Resilience:

  • Ongoing Education: Stay updated with the latest developments in cyber security, risk management, and regulatory changes to continuously improve the organization’s resilience against cyber threats.
  • Adaptive Strategies: Develop and implement adaptive cyber risk strategies that respond to evolving threats and regulatory landscapes.

In summary, a CCRO in the financial sector is a crucial leader who ensures that the organization not only meets regulatory requirements like DORA but also maintains robust cyber resilience. By leveraging their extensive knowledge and strategic approach, CCROs play an essential role in protecting the organization’s digital infrastructure and fostering a culture of cyber security awareness and preparedness.


Will It Help My Career?


Why the CCRO Course is Crucial for Your Career

Addressing the Skills and Talent Shortage

The cybersecurity industry is facing an unprecedented skills and talent shortage, particularly in the financial sector where compliance with the Digital Operational Resilience Act (DORA) is critical. Here’s why enrolling in the Certified Cyber Risk Officer (CCRO) course can significantly enhance your career prospects:

1. High Demand for Cybersecurity Professionals:

  • Global Shortage: There is a global IT security skills shortage, with unfilled positions now surpassing 4.07 million professionals, up from 2.93 million last year.
  • Regional Impact: This includes 561,000 unfilled positions in North America and a staggering 2.6 million shortfall in the Asia-Pacific region. In Europe, the shortage of skilled workers has more than doubled, from 142,000 to 291,000.

2. Critical Need in the Financial Sector:

  • DORA Compliance: With the increasing complexity of financial regulations such as DORA, there is a growing need for professionals who can navigate and implement these requirements effectively.
  • Risk Management: Over half (51%) of cybersecurity professionals report that their organizations are at moderate or extreme risk due to staff shortages. This risk is particularly pronounced in the financial sector where data protection and operational resilience are paramount.

3. Career Advancement Opportunities:

  • High Demand for CCROs: The global security workforce needs to increase by 145% to meet hiring demands. CCRO certification positions you as a valuable asset capable of filling this critical gap.
  • Versatile Roles: Certified Cyber Risk Officers are sought after for roles such as CISO, CCO, and other senior leadership positions, providing a clear path to career advancement.

4. Comprehensive Skill Development:

  • Holistic Training: The CCRO course covers everything from cyber risk identification and management to strategic implementation and regulatory compliance.
  • Real-World Application: Engage with practical case studies, receive personalized feedback, and participate in interactive sessions to apply your learning in real-world scenarios.

5. Enhancing Organizational Resilience:

  • Leadership and Influence: As a CCRO, you will play a pivotal role in shaping and leading your organization’s cyber risk management strategy, ensuring robust protection of digital assets.
  • Compliance Expertise: Mastering DORA and other key regulations positions you as an expert in ensuring your organization’s compliance and operational resilience.

By completing the CCRO course, you will not only fill a critical need in the industry but also position yourself for significant career growth and leadership opportunities. Embrace the chance to become a pivotal force in enhancing your organization’s cyber resilience and compliance capabilities.


Do I need to have a Cyber Security or Technical Background?


No. The Certified Cyber Risk Officer (CCRO) course has been specifically developed for a non-technical audience, focusing on leaders within the financial sector. Here’s why you don’t need a technical background:

  1. Designed for Non-Technical Leaders:

    • The syllabus is crafted to cater to business leaders with limited IT technical knowledge. It assumes no prior technical expertise.
  2. Comprehensive Explanations:

    • When technical concepts are referenced, they are fully explained in a clear and understandable manner. This ensures that all participants, regardless of their technical background, can grasp the material.
  3. Focus on Business Leadership:

    • The course equips business leaders with the knowledge, skills, and confidence to effectively liaise with technical subject matter experts. By demystifying technical jargon and concepts, you will be able to engage in meaningful discussions and make informed decisions about cyber risk management.

This course empowers you to understand, manage, and communicate cyber risk strategically within your organization, without requiring a prior background in cybersecurity or IT.


How Do I Re-certify?


A CCRO Certification is valid for three years from the date it is awarded. To maintain your certification, follow these steps:

  1. Recertification Exam:

    • Availability: Starting from June 2023, the recertification exam will be available online at www.icttf.org.
    • Fee: There is a fee of €500 for the recertification exam or any resits required.
  2. Re-Enrolling Option:

    • If you choose to re-certify by re-enrolling in the course, you can do so and receive a €500 discount off the cost of the CCRO course.

Ensure you stay certified and continue to enjoy all the benefits and privileges associated with your CCRO designation by completing the recertification process every three years.


What is the Course Format?


Learning Structure:

1. Weekly Modules:

  • Duration: 8 weeks
  • New Module Release: Every Thursday
  • Content: Approximately 2 hours of HD video training material, fully captioned
  • Accompaniment: PDF casebook files containing transcripts and supplementary information

2. Instructor-Led Training (ILT) Sessions:

  • When: Every Tuesday
  • Duration: 1 hour
  • Format: Live Zoom sessions with the head tutor
  • Purpose: Interact with peers, ask questions, and get clarifications

3. Online Exams:

  • Frequency: Weekly
  • Format: 50 multiple choice questions (MCQs)
  • Resources: Open book; answers available in the online training materials

4. Written Assignments:

  • Frequency: Weekly
  • Content: Apply knowledge to practical scenarios
  • Examples: Crafting memos to the board, requesting budgets for initiatives

5. Training Materials:

  • Format: On-demand videos and PDF transcripts
  • Extras: "Jargon Buster" section and further reading guidance

6. Submission Deadlines:

  • Exams and Assignments: Due by Wednesday each week

7. Passing Criteria:

  • Average Score: 80% across all exams and assignments

This structure ensures a blend of self-paced learning, interactive sessions, and practical applications to help you master the essential skills of a Certified Cyber Risk Officer.


What is the Pass Mark and How Does the Scoring Work?


Pass Mark:

  • The pass mark for successful certification in the CCRO course is 80% or higher.

Scoring and Evaluation:

  1. Course Scoring Rubric:

    • Students are provided with a course scoring rubric that explains how written assignments are graded.
  2. Continual Evaluation:

    • Students are continually evaluated throughout the course.
  3. Online Module Assessments/Exams:

    • Frequency: Weekly, with a total of 8 online module exams and written assignments for the first 7 modules.
    • Format: These assessments ensure that students are grasping the module content effectively.
  4. Written Assignments:

    • Frequency: Weekly, with a total of 7 written assignments that must be submitted each week (there is no written assignment in the final week).
    • Content: These assignments apply the knowledge gained during the course to practical scenarios.
  5. Total Evaluated Areas:

    • There are a total of 15 evaluated areas (8 exams + 7 assignments).
  6. Scoring:

    • Scores are averaged across all 15 evaluated areas.
    • The total average score across all assignments and exams is used to determine if a student is successfully certified.

By maintaining an average score of 80% or higher across all exams and assignments, students will successfully achieve certification as a Certified Cyber Risk Officer (CCRO).


What is the Cancellation Policy?


Registration: An online booking reserves your place but does not guarantee it. Only payment in full of the course fees will guarantee your place. You will be sent a registration email to complete your profile once payment in full has been received.
Installment Payment Option: If a student has elected to pay by installments, they are fully committed and legally obligated to pay ALL installments outlined.
Course Cancellation: Due to unforeseen circumstances, ICTTF Ltd may be compelled to cancel the course at short notice. In such circumstances, registrants will be entitled to a full refund of their course fee, or the course fee can be credited towards a future course.
Cancellation:

Notice of a registrant’s intention to cancel their registration must be made in writing (sales@ICTTF.org) to ICTTF Ltd. In such cases, registrants will have the following options:

1) Nominate a replacement to attend in their place. Such notice must be made in writing at least 5 days before the commencement of the course.

2) Defer to a course commencing at a later date. Such notice must be made within 10 days of the commencement of the course and is subject to availability.

Registrants who fail to attend the course will be charged 100% of the full fee.

Substitutions/Replacements:

Where a registrant who has to cancel nominates a suitable replacement to attend in their place, no cancellation penalty will be incurred unless the registrant has already started the course. The suitable replacement must meet the Entry Requirements for the course.

Fees: Participants wishing to transfer to a later date will be billed a 10% administration fee plus any increase in the price of the course.  

Participants who have started the course and want to nominate a replacement will be billed a 10% administration fee plus any increase in the price of the course.
Changes to Course: ICTTF Ltd. reserves the right to change course content, structure, lecturers and dates.

Where Are the Terms and Conditions?


Please follow this link to the Cyber Risk Academy terms and conditions: Terms and Conditions

Where Will my Certified Qualification be Recognised?


Our cyber risk certifications are recognized globally. This course has been accredited and benefits from dual certification by the International Compliance Association (ICA), CPD UK and other respected bodies.