Threatonomics

Mastering Cyber Resilience

Continued Education for Brokers on Effective Cyber Risk Management

by Whitney Glockner Black, VP, Communications

Understanding and managing cyber risk as a broker requires constant learning. 

The landscape of cyber insurance is constantly shifting as cyber risk management practices adapt to new threats and strategies. To successfully build Cyber Resilience, brokers must go beyond standard risk transfer principles and expand their approach to look at cyber risk holistically. 

To help our broker partners meet annual continuing education requirements and gain a deeper understanding of Cyber Resilience, Resilience will hold several trainings across the US, Canada, the UK, and the EU to share our perspective and strategies with our global broker network.

Cyber Resilience 101, 202, and accompanying Cyber Resilience Workshops are designed to teach brokers the fundamentals of proactive cyber risk management. Each course was tailored by Resilience’s experts to help brokers better understand how cyber insurance can benefit their clients and its role in building Cyber Resilience.

Cyber Resilience 101

Cyber Resilience 101 is a comprehensive, full-day, in-person course tailored and instructed by Resilience’s experts to provide brokers with a solid foundation in cybersecurity principles and best practices. The course includes engaging modules, interactive discussions, and real-world case studies to create a practical and immersive learning experience; it offers eight continuing education credits and is accredited by the National Cyber Security Centre in the UK. Upon completion of the course, participants will be prepared to take the DRI (Disaster Recovery Institute) International Certified Cyber Resilience Professional Exam.

The course follows six modules that detail different facets of building cyber resilience. 

  • Introduction to Cyber Resilience – This module introduces concepts and context of the Cyber Landscape and how and why it is evolving through the lens of cyber risk.
  • Understanding Cyber Attacks and the Threat Landscape – In this module, our experts break down attackers’ motivations and methodologies, who they are, how they operate, insights into the dark web, and more. 
  • Cybersecurity Visibility and Actionable Hygiene – This session details the consequences of a data breach and how confidentiality, availability, integrity, and non-repudiation assist in protecting information assets.
  • Cyber Risk – This module teaches cyber Value at Risk, the function and process of risk assessment, risk management, risk acceptance, and transfer, and how to present to the Board, Budgeting Committee, and CFO. 
  • Risk Transfer – This module discusses cyber coverage and claims, explaining the key components of driving capital efficiency through first-hand expertise on recent cyber claims, lessons learned, and trends.
  • Cyber Incident Simulation – Practice makes perfect. This module is designed to help validate a designated incident response plan before the time of an incident. 

During this course, brokers will learn a proactive approach to safeguarding their clients’ critical assets, reputation, and trust. Offering this training to our network of brokers is an important part of strengthening our global Cyber Resilience efforts. This accredited course will be offered in multiple US, Canadian, and UK cities throughout 2024. 

Cyber Resilience 202

As a follow-up to Cyber Resilience 101, 202 offers a series of advanced cyber risk topics, educational resources, and training opportunities for brokers. Expanding upon the subjects shared in the 101 course, this follow-up course will encourage attendees to apply their learnings to the multi-faceted third-party threat landscape.

Cyber Resilience 202 focuses on defending an organization’s broader attack surface. This module examines third-party risk surface monitoring, vendor risk management, and cloud security management strategies. As our internal claims data from 2023 demonstrated, third-party risk is the number one cause of loss and point of failure. Given the growing threat of third-party incidents, offering this supplementary training is critical in sharing our perspective and defending our brokers’ client environments.

This two-hour supplementary course will be offered virtually to our global broker network. 

Cyber Resilience Tabletop Exercises (TTX)

To supplement Cyber Resilience 101 and 202, we are also offering Cyber Resilience tabletop exercises, immersive and interactive experiences featuring real-world incident simulations.  

During this exercise, brokers will step into the shoes of a cyber incident responder as Resilience’s experts simulate a breach scenario, allowing brokers to gather valuable insights and generate crucial lessons about incident response management. They will gain practical experience navigating through a gamified cyber crisis, understand the intricacies of a cyber insurance policy, and learn to effectively and calmly communicate with clients and stakeholders during an incident.

This two-hour exercise will be offered in person across the US, Canada, the UK, and the EU and can award two continuing education credit hours.

As we work to meet all of our global broker partners’ needs, we will announce new dates and cities for each of these training sessions. Follow Resilience on LinkedIn and sign up to get the latest on Resilience programming delivered directly to your inbox as we release dates, locations, new accredited courses, and more.
