CBCM: Certified Banking Cybersecurity Manager

Description

This course replaces the FFIEC CAT focus with a modern, bank-ready approach to cybersecurity governance and assessment. You’ll learn how to build and run an Information Security Program (ISP) anchored in regulatory expectations (GLBA/FFIEC), select and implement a cybersecurity framework (e.g., NIST CSF 2.0 with the CRI Profile overlay), and translate risk assessments into testing, reporting, and decisions that your Board can act on.

We’ll walk through the full ISP loop—Risk → Program → Test → Report → Adjust—and practice with hands-on labs: framework selection and scoping (tiers/IGs), evidence standards, remediation road-mapping, quarterly board reporting, and testing calendars.

BONUS! Students should be able to complete a current/target CSF profile (and/or CRI diagnostics at the appropriate impact tier) for their own institution during the course.

This is a management-level certification for executives and IS leaders who need clear, repeatable methods to govern cyber risk, justify investments, and demonstrate effectiveness to auditors and examiners.

Topics

  • Regulatory Overview & Why Cybersecurity Matters (GLBA/FFIEC foundations)
  • ISP Components & Governance (roles, risk appetite, independence, culture)
  • Cybersecurity Frameworks (NIST CSF 2.0, CRI Profile, CIS Controls, CISA CPGs)
  • Framework Implementation (profiles/tiers, diagnostics, evidence ≤15 months, POA&M)
  • Risk Assessments that Drive Decisions (IT assets, vendors/TPRM, BIA → org posture)
  • Policy Writing Lab (framework choice, implementation, reporting, testing requirements)
  • Effective Cybersecurity Reporting & Decision-Making (board-ready snapshots & trends)
  • ISP Testing Program (audit/VA/PT/SE cadence, IR/BCP tests, action tracking & exceptions)

WHO SHOULD ATTEND:

  • Director, President, CIO, CISO, CTO, CFO, COO

This course is self-paced, with 10 weeks allowed to complete it. A final exam is required to earn the certification.

By purchasing this certification, you are hereby agreeing to the policies and procedures of the SBS Institute. Click HERE to read and review.

Upcoming Certifications


CPE Credits

SBS 4.00

Learning Objectives

  • Complete the actual Cybersecurity Assessment for your institution.
  • Develop a deeper understanding of commonly missed baseline controls.
  • Build a solid foundation of understanding for the FFIEC guidance.
  • Gain the knowledge to better defend against cybersecurity threats.
  • Receive a comprehensive collection of cybersecurity resources.

Content

  • Introduction
  • Module 2: ISP Components and Cybersecurity Frameworks
  • Module 3: NIST CSF 2.0
  • Module 4: CRI Profile
  • Module 5: Using Your Risk Assessments to Make Better Decisions
  • Module 6: Effective Cybersecurity Reporting and Decision Making
  • Module 7: ISP Testing and Reporting
  • CBCM Final Exam

Click here to view additional upcoming certification dates or, if you prefer to start sooner rather than later, click here to start On Demand.

“I was fortunate enough to be involved in the first offering of the certification program and due to the program’s benefits, I continue to renew each year. Each year I learn something new and more innovative ways to grow the bank’s program. SBS has been a resource not only for their certification programs, but also as a security partner.”

- Rachel Losey, PA

Continue your cyber education by exploring the other courses available in the Executive Learning Path:

 
