Cyber Security Fundamentals for Directors

Booked out

Please note this programme is now booked out. However, if you wish to be added to a cancellation list, we will try our best to get you a place.

Reach out to our Learning and Education Team to be added to our cancellation list and/or phone the office on +353 1 411 0010.

Overview

Security. Risk. Culture. Regulatory and legal. Compliance. Planning.

Are you prepared for the NIS2 Directive? This new Directive is set to be implemented in Ireland in Autumn 2024. It will be the first EU-wide piece of cybersecurity legislation.

Cyber security governance legislation is changing. Updates to legislation will require directors and boards across all sectors to approve, oversee and take liability for security risk management measures taken.

Our short programme, Cyber Security Fundamentals for Directors is designed to support executive and non-executive directors to comply with incoming governance requirements. Eligible for 12 hours of CPD.

Join Bill McCluggage and expert industry speakers as they examine the key questions directors should ask their executive teams and advisors. These questions are essential to gaining a deep understanding of cyber security risks and impacts on a business.

Bill will take you through:

Governance, Technology and Cyber Risk
Regulatory, Legal and Compliance Matters for Boards
Capability and Cyber Culture
Planning and Incident Response – Board Actions

What you’ll get:

Clarity on where cyber security fits within their overall organisation strategy.
An understanding of the challenges of cyber security to reputation, and overall business and operational performance.
Gain an awareness of the emerging regulatory and legal landscape, and compliance requirements for their organisations.
Develop a grasp of the cultural change that may be needed to deliver a secure organisation and understand the impact of cyber secure strategies on operations, processes, and their supply chains.
Enable board-level attendees to see cyber risk as part of their overall business risk and the critical technology-based drivers in their business.
Gain a sufficient understanding on cyber security to enable an informed and fluent conversation on the performance of their organisation’s cyber risk policies and procedures with their technical cyber security teams.
Develop an action plan for their Board to prepare for, react to and withstand security compromises.

What people are saying

“The IoD Ireland Cyber Security Fundamentals for Directors programme delivered on its intention. It took a four pronged approached covering all the key areas essential to a director, including governance, the regulatory and compliance side, capability, and culture, as well as the planning and incident response for when a cyber-attack may happen. It also followed best practice recommendations from the NCSC and Cyber Ireland. This Programme is an essential for all directors."

Karen Herbert, Head of Group Conduct, AIB

“I was drawn to the course as Cyber Security is now seen as a major challenge in our industry. The content was topical, relevant and at the right level for Directors. I completed with a far greater understanding of the many issues covered."

Aidan Coghlan, Group Managing Director, World Travel Centre

“The Cyber Security Fundamentals for Directors course was very effective. Even though I already had "insider" experience as a CIO, I wanted to develop my effectiveness as an INED and the course gave me useful "outside-in" perspective. Also, Bill is a great communicator and can bring participants from every background with him as he turns technical detail into understandable, actionable insight."

David Codd CDir

“I enjoyed the Cyber Security Fundamentals short programme. I obtained some very strong insights into this risk for our business and the learning interaction within the group was excellent. I will use some of the course learnings in my role as a Director and make changes which will help reduce this risk in our organisation."

Turlough Kinane CDir, Director, Thermodial Ltd

“The Cyber Security Fundamentals for Directors programme has given me the tools to help reduce the likelihood of a catastrophic cyber security attack and set a clear framework to react when one occurs. The group discussions and case studies helped put these learnings into practice deepening my understanding and confidence to deal with this challenging issue. I have used this knowledge to stimulate discussions at Board and senior management level about our organisation’s preparedness and the need to develop more detailed policies, especially, when dealing with an attack."

Dr Leonora Bishop, Independent Non-Executive Director

IoD Ireland is a member of Cyber Ireland and a partner of the National Cyber Security Centre (NCSC).

In our vision of making Ireland an exemplar of corporate governance and our remit to support our members in ensuring high standards of cyber security, we partner with both organisation to learn their insights and learnings on this key area. As a member of Cyber Ireland we aim to support their goal of providing a collective voice to represent the cyber security ecosystem in Ireland.

NCSC

The National Cyber Security Centre (NCSC) was founded in 2011 and is an operational arm of the Department of the Environment, Climate and Communications (DECC). The main roles of the NCSC are to lead in the management of major cyber security incidents across government, provide guidance and advice to citizens and businesses on major cyber security incidents, and develop strong international relationships in the global cyber security community for the purposes of information sharing.

Cyber Ireland

Cyber Ireland is the national cyber security cluster organisation that brings together Industry, Academia and Government to represent the needs of the Cyber Security Ecosystem in Ireland. They aim to enhance the Innovation, Growth and Competitiveness of the companies and organisations which are part of the cluster.

This programme takes place over 4 mornings with each module covering a particular theme. Each session is held online from 9:00am – 12:30pm. See more details below.

1. Governance, Technology and Cyber Risk.

Tuesday, 15th October 2024.

9:00 am to 12:30 pm.

Guest speaker to be announced.

2. Regulatory, Legal and Compliance Matters for Boards

Tuesday, 12th November 2024.

9:00 am to 12:30 pm.

Guest speaker to be announced.

3. Capability and Cyber Culture.

Tuesday, 26th November 2024.

9:00 am to 12:30 pm.

Guest speaker to be announced.

4. Planning and Incident Response – Board Actions.

Tuesday, 10th December 2024.

9:00 am to 12:30 pm.

Guest speaker to be announced.

Session one - Governance, Technology and Cyber Risk

Explore key business drivers and how to obtain senior management support for a robust technology and cyber security programme.

What we’ll cover:

Board responsibility for exercising appropriate oversight of cyber security risk management.
Technology and cyber risks management framework
Board-curious cyber security questions
Identifying business critical assets and components
Organisation risk appetite
Audit and risk committee responsibility for addressing cyber risk
Embedding basic cyber hygiene into business objectives
Information Security Management System review

Session two – Regulatory, Legal and Compliance Matters for Boards

Understand the responsibility of boards to ensure their organisations comply with various regulatory, legal and compliance regimes.

What we’ll cover:

The current and emerging regulatory, legal and compliance landscape
Building a cyber risk assurance framework
Understanding the mechanics of a cyber attack
Development of a board-level threat model
Balancing cyber security strategies and the impact on operational processes
Identifying and mitigating internal and external cyber risks

Session three - Capability and Cyber Culture

Discover the Board’s role in building organisational capability and growing a positive cyber security culture designed for business defence.

What we’ll cover:

The importance of putting people at the heart of security
Supply chain collaboration on cyber security
Layering your defences
Building an organisational cyber security management plan
Assessing the maturity of cyber security defence measures
Workforce skills and capability development

Session four - The Social Agenda: The Board’s Role

Equip yourself with the tools you’ll need to plan for a potential cyber security incident.

What we’ll cover:

The Board’s role in incident management
The anatomy of a cyber attack
Responsive incident management plan development
Recovery plan establishment
Creating a cyber risk management lifecycle

Bill McCluggage Programme Lead and Chief Information Officer Expert

Bill is an experienced Managing Director, IT Director, Chief Information Officer (CIO), Chief Technology Officer (CTO), CISO, business and technology consultant, and company Chairman. He has worked for both the public and private sectors. Bill is currently a Non-Executive Director for the following organisations: FCDO Services, Cocoon Data Technologies and Triangle Housing Association. He is also Chair of the Northern Ireland Fraud Forum and a CIO/CISO Advisor for Tanium. Bill is a former Head of Information Security at Open Banking, and former Irish Government CIO within the Department of Public Expenditure and Reform.

Colin Rooney Programme guest contributor and Partner, Arthur Cox LLP

Colin is a partner in the Technology and Innovation Group of Arthur Cox LLP. Colin’s practice has a strong emphasis on information management issues. In this context, Colin advises on a wide variety of data issues, from day-to-day data protection advice to cross-jurisdictional data sharing projects and online data/information regulation. Colin has particular expertise advising clients on data related regulatory and enforcement actions, notably involving the Irish Data Protection Commission. Colin also advises on information technology, online trading matters, and has extensive experience advising both international and domestic clients on commercial IT agreements. He is recommended in the most recent editions of each of Chambers Europe and The Legal 500.

Dr Valerie Lyons Programme guest contributor and Company Director, and Chief Operating Officer, BH Consulting

Author of the best-seller ‘The Privacy Leader Compass’ and included in the ‘Top 100 Women in Cybersecurity in Europe’, Dr. Valerie Lyons is an accomplished and driven cybersecurity and privacy leadership expert. Her career spans over 30 years - working in both cybersecurity and privacy teams. She has worked for several global organisations, such as IBM, KPMG, and ABB, and served as Head of Information Security Risk in KBC Bank for almost 15 years. Dr. Lyons is the Chief Operations Officer in BH Consulting since 2015. She has an in-depth knowledge of European data protection law and practices, and frequently presents at renowned international security and privacy conferences (such as RSA, COSAC, ISACA and CPDP). She has also lectured in Dublin City University on Privacy, Cybersecurity and Digital Ethics. In 2022, Dr Lyons was awarded a PhD in Information Privacy for her research into Privacy in the ESG suite. She also holds a Masters in Business Leadership, along with a post-graduate diploma in Executive Coaching. She is a certified CISSP for almost 25 years, and is also qualified as a CDPSE and CIPP/E. She is an honorary fellow of The Irish Information Security Forum (IISF) since 2004 and a member of the European Data Protection Board’s pool of experts.

Is this eligible for CPD?

Dimension covered: Technical Skills and Knowledge

Eligible hours: 12 hours of Chartered Director CPD

This session may be eligible for other professional body CPD. Check with your relevant professional body.

Workshop participants will receive a Certificate of Attendance on completion of the session.

What is the cost?

IoD members - €1500

Non-members - €1950

It is not possible to book individual sessions, booking is paid for as a whole.

Cancellation and refund policy

Places are confirmed upon full payment. Cancellations with a full refund are accepted in writing to cpd@iodireland.ie until Friday, 4th October 2024. After this date, no refunds are possible, and all fees are forfeited for cancellations or non-attendance. Please note this virtual but live and interactive series requires live online attendance at each session. Unfortunately, recordings will not be available as part of post-session materials.

Group bookings

Contact the IoD Ireland Learning and Education team on cpd@iodireland.ie or phone +353 1 411 0010.

How do I attend?

To reserve your space, book and pay through the “Book now” button.

Once registered, we’ll send an email to confirm your booking.

We'll also send a reminder email with a link to access the session closer to the date. You must click the link and confirm your details to receive the direct link to join the workshop.

The event will take place on Zoom. Download Zoom if you don’t have it already. Please ensure you have a working microphone and camera to take part in our interactive workshop.

Want to connect with fellow workshop participants?

All workshop attendees will receive a list of all other workshop participants in advance of the session. This will include name, job title and organisation. If you have any queries around this please contact the Learning and Education team.

For GDPR reasons, we cannot provide contact details on the attendee list.

Questions?

For any IoD Ireland Learning and Education Programme queries, email cpd@iodireland.ie or call +3531 411 0010.