The Human Firewall: Essential Cybersecurity for Financial Services Support Staff

Introduction

In the modern financial sector, cyber defence is no longer limited to the IT department - it is a regulatory and operational requirement for every employee. As key handlers of Personally Identifiable Information (PII) and highly Confidential Client Data (CCD), support staff represent the most critical and frequently targeted human layer of our defence.

This comprehensive workshop moves beyond basic awareness. It provides actionable, high-impact knowledge reinforced by practical scenario testing, supporting staff in identifying advanced social engineering attacks, executing immediate and compliant incident response protocols, and mastering secure data handling procedures required by global regulations like GDPR and DORA.

Join this session for essential training to protect client trust and maintain the firm's license to operate.

What You Will Learn

This live and interactive session will cover the following:

• Advanced Threat Detection
• Deep Dive into Social Engineering: Real-world examples of Phishing, Spear Phishing, and Whaling attempts
• Verification Workshop: Practice the critical steps required to verify high-risk requests that use urgency and authority to bypass checks
• AI Attack Recognition: Understand the use of deepfakes and vishing, and how to report such threats
• Regulatory Duty and Secure Data
• Compliance Requirements
• Data Classification: Learn to identify, classify, and apply the correct handling protocols
• Secure Handling Protocols: Implement mandatory, approved methods for secure client document sharing (encrypted portals) and storage, eliminating 'Shadow IT' risks
• Physical Security: Clean Desk Policy and protocols for securing physical files and unattended workstations
• Incident Response Mastery
• Immediate Action Protocol: Using the 4-step S-T-R-R rule (Stop, Tell, Report, Record) for prompt containment and escalation of any suspected incident
• Regulatory Documentation: What information must be logged following an event to satisfy audit requirements
• Live Scenario Testing: Participate in guided scenario walkthroughs to better appreciate the challenges of meeting the full reporting procedures under time pressure
• System and Policy Hygiene
• MFA Defence: Understand and defeat MFA fatigue attacks and reinforce best practices for two-factor authentication use
• Least Privilege Access: Apply the core principle of only maintaining system access absolutely required for your current role
• Policy Review: Review and locate the firm's most critical security and compliance policies (Remote Work, Data Retention, Acceptable Use)

Recording of live sessions: Soon after the Learn Live session has taken place you will be able to go back and access the recording - should you wish to revisit the material discussed.