Course Agenda

Agenda

Day 1 - Thursday 28th March

09:00

Registration and refreshments

09:30

Cyber risk management

  • How does cyber risk fit into risk management 
  • Challenges with traditional qualitative approach to cyber risk 
  • Regulatory overview
  • Challenges of cyber risk in increasingly regulated world
  • Technological tools for cyber risk - new vulnerabilities and ways to address this

11:00

Morning break

11:30

Risk process - Scenario design and analysis 

  • Scoping scenarios for analysis 
  • Collecting data and making estimates 
  • Applying stress testing and scenario analysis to cyber risk 
  • Presenting results and communicating about risk to decision-makers

13:00

Lunch

14:00

Case Study: Quantifying cyber security risk 

  • Loss distribution approach
  • Cyber VaR
  • Probabilities for uncertain conditions 
  • Accuracy vs. Precision 

Speaker: Dennis Bennett, CEO, MRMIA 

15:30

Afternoon break

16:00

Case Study: Summary to be confirmed

17:30

End of day one

Day 2 - Friday 29th March

Day two will be led by:
Michael Barton, Director - Operational Risk Quantification and Scenario Analysis, AIG
Anthony Shapella, Managing Director - Risk Officer - Liability and Financial Lines, AIG  

 

09:00

Refreshments

09:30

Risk management & quantification - portfolio view

  • Review of assessing individual risk for own risk management purposes 
  • Moving towards a portfolio view - how do you assess risk in aggregate? 

11:00

Morning break

11:30

Case study: Taking third-party vendor risk from individual to portfolio level

  • Using data to assess the risk of a single vendor
  • Assembling risk data for a portfolio of vendor companies 

13:00

Lunch

14:00

Case study: Portfolio risk

  • Methods to identify and address riskiest pockets of the portfolio 
  • Adjustments of overall risk view in light of portfolio risk reduction

15:30

Afternoon break

16:00

Portfolio modeling and individual risk

  • If you know what insurance companies are looking for to underwrite risk, what can that help you do to become a better risk? 
  • Organizational/risk management structures that are more favorable risks
  • Favorable controls 
  • Partnering that can be done to combat the wider risk

17:30

End of course