Skip to Main Content

Bank Cybersecurity School

October 12-16, 2026 | Fluno Center at the University of Wisconsin-Madison | Madison, Wisconsin | Enrollment Deadline: September 11, 2026

Bank Cybersecurity School

Key Information Security Strategies

Online bank fraud and cyber threats remain a persistent and growing challenge for financial institutions. U.S. banks continue to face billions in annual losses from phishing, ransomware, and increasingly sophisticated attacks targeting mobile devices, web applications, and core banking systems. The FBI suggests that reported fraud losses exceed $17 billion in the United States alone each year, with much more going unreported. As hackers evolve their tactics and integrate new technology like AI, the need for proactive, layered IT security—encompassing both offense and defense—has never been greater. Threats such as phishing, malware, coordinated denial-of-service attacks, ransomware, and data breaches, combined with the dark web criminal marketplaces that transact this information, pose significant financial and reputational risks. Today’s bank customers expect robust protection, and studies show that many would switch institutions if they became victims of fraud. Security breaches not only result in substantial financial losses but also erode consumer trust and confidence. Proactive security strategies are essential.

Don’t miss this innovative school, designed specifically for information security officers and technology professionals in the financial industry. This state-of-the-art program will expand your understanding of the business of banking—including key drivers of profitability, regulatory requirements, and risk management—while providing an in-depth, interactive, and hands-on study of the latest cybersecurity techniques and strategies.

The school features a dynamic mix of lectures, small group discussions, and interactive computer labs. Hands-on simulation labs allow you to explore penetration testing, vulnerability assessment, incident response, digital forensics, and more. You’ll spend class time engaging with IT security experts and knowledgeable colleagues, building a professional network that will support you for years to come. Apply today to take advantage of this opportunity to learn from industry leaders about today’s most critical issues in information assurance and cybersecurity for financial institutions.

Who Should Attend

Whether you’re a veteran Information Security Officer or new to the IT security field, this powerful program will give you the skills and knowledge to effectively secure your bank’s and your customers’ most sensitive information.

Program of Study

To give attendees the best learning experience possible this program has limited enrollment to allow for a truly personal interaction. The school is packed with real world information about the latest in IT security and information assurance — practical information that will help you stay a step ahead of those who’d do your organization harm. The school has been divided into two core areas of study – the business of banking and information technology security.

Experience the GSB Difference

The Graduate School of Banking at the University of Wisconsin-Madison is widely recognized as one of the leading and most progressive graduate banking school in the country. Using feedback from its alumni, Banker Advisory Board and sponsoring state bankers associations, GSB continuously updates program offerings to meet current professional development needs in the banking industry. In developing the Bank Technology Security School, specifically for IS professionals in the banking industry, GSB sought out the industry’s finest banking industry experts to design and teach the program. Visit our faculty page to meet your instructors.

More than 23,000 alumni have benefited personally and professionally from attending the Graduate School of Banking at the University of Wisconsin-Madison. You, too, can benefit from a GSB learning experience. We hope you’ll join us for the Bank Technology Security School!

Accommodations

Students are responsible for booking their own lodging for this program. Classes begin Monday morning, so those who are traveling to Madison are encouraged to arrive on Sunday. Enrolled students will receive a link to available room blocks upon acceptance into the program – although participants are welcome to book at another nearby hotel if they wish.

Financial Managers School

Pricing ForPrice
CBA Bank Member
&
Bank Non-Member
$2,725, plus a $350 registration fee due at the time of application.

Register Now for the Bank Cybersecurity School on October 12-16, 2026
Location: Fluno Center at the University of Wisconsin-Madison | Madison, Wisconsin
Enrollment Deadline: September 11, 2026

Your tuition includes:

  • All instructional materials, posted electronically for download
  • Access to the GSB Learning Management System and course portal
  • Daily breakfast. lunch and break refreshments
  • Opportunity to network with faculty and IT security colleagues; and, and invitation to join an alumni-only group on LinkedIn for ongoing networking. 
  • Invitation to join an alumni-only networking group on LinkedIn
  • Access to cybersecurity professionals and banking industry experts
  • Support of the GSB staff and faculty throughout the course

Tuition for the 2026 Bank Cybersecurity School is $2,725, plus a $350 registration fee due at the time of application.

Note: Students are responsible for booking their own lodging for this program. A block of rooms will be available at the Fluno Center until the program deadline, or participants are welcome to book at a nearby hotel. 

Cancellation/Refund Policy:

Registration fees are non-refundable. Other fees paid will be reduced by any hard dollar costs incurred by GSB and are then available for refund or future use, subject to the following guidelines.

Future Use: If you cancel, you may elect to leave paid fees on account with GSB without a cancellation fee. The funds must be used within 24 months of the cancellation date and can be used toward any school; however, they cannot be applied to online seminars. Any funds not used at that point will be forfeited to GSB. If a refund is requested after fees have been placed on account with GSB, the refund will be processed based on the original cancellation date subject to the cancellation fees below.

Refund: If you cancel and request a refund, it will be subject to a cancellation fee based upon the date of cancellation as follows:

Notice of Cancellation Received by GSB                 Refund Percentage

15-45 Days Prior to Program Start Date                                90%

8-14 Days Prior to Program Start Date                                   75%

7 Days Prior or failure to appear at Program                        none

The school’s comprehensive curriculum features two core areas of study – the business of banking and offensive and defensive IT security measures.

BUSINESS OF BANKING CURRICULUM
This section is an introduction to banking for technology and cybersecurity professionals who want to understand the business they serve, how it works, and a bank’s critical role in our local communities.

Introduction to the Business of Banking
Learn the major components of a bank’s balance sheet, income statement and key ratios used in decision-making at the bank. This session also outlines the concept of strategic planning and achievement of sustainable competitive advantage.
Bank Profitability Analysis
Attendees will come away with a clear understanding of the main components that affect bank profitability. You’ll explore management’s focus on certain ratios and the effect on human resources requirements.
Asset/Liability Management
In this session, attendees will learn the goals, organization, and process of asset/liability management and how to integrate A/L with IT management goals. You’ll gain a better understanding of how to identify different types of risk and the implications of risk mismatch.
Bank Regulatory & Competitive Environment
Learn the forces that affect industry competitiveness and the impact of deregulation on earnings. Key issues for bank survival and prosperity and the shift from product-driven to market-driven strategies will also be discussed.

CYBERSECURITY CURRICULUM
Security Breaches, Laws, & Regulations
This section provides a comprehensive overview of the evolving threat landscape facing financial institutions.

Key Topics:

  • Recent high-profile breaches and ransomware attacks targeting financial institutions 
  • Standards from FFIEC, GLBA, FDIC, OCC, and NIST 
  • Insights from real-world incidents 
  • Best Practices in Risk Management, Incident Response, Vendor oversight, Implementation of technical controls

Information Security Management
Master the strategic and operational aspects of managing an information security program within a bank. This material emphasizes the crucial role of management in developing written policies, meeting regulatory requirements, and integrating administrative, technical, and physical safeguards.  

Key Topics:

  • Risk assessment and policy development 
  • Asset and vendor management 
  • Access controls and security awareness 
  • Network security and business continuity 
  • Incident response and social engineering 
  • Vulnerability management and audit processes 
  • Using industry standards to meet emerging threats and regulatory demands 
     

Security Risk Assessment
This section provides a clear and practical guide for conducting risk assessments in financial institutions, focusing on regulatory requirements. It emphasizes the significance of risk assessments for ensuring compliance, facilitating informed decision-making, and developing robust information security programs.  

Key Topics:

  • Key regulatory standards: GLBA, FFIEC, NIST 
  • Risk management methods and types of risk (inherent, residual) 
  • Step-by-step process: identify assets, threats, controls, and measure risk 
  • Common challenges in risk assessment 
  • Integrating new technologies and addressing emerging threats 
  • Utilizing frameworks like NIST CSF 2.0i 

Participants will learn how to prioritize assets, document controls, demonstrate compliance, and use risk assessments to inform security strategies and promote continuous improvement.

Security Auditing & Testing
IT Security Auditing and Testing provides a comprehensive overview of the procedures essential for maintaining strong cybersecurity in financial institutions. It covers various types and scopes of audits, relevant regulatory frameworks such as FFIEC and FDIC InTREx, and emphasizes the importance of risk-based, independent, and ongoing audit programs.

Key Topics:

  • Technical and policy audits 
  • Vulnerability assessments 
  • Penetration testing 
  • Social engineering evaluations 
  • Effective audit planning and documentation 
  • Clear reporting and action tracking 
  • Common challenges in testing technology, personnel, and processes 
  • Best practices for audits and security testing 

Participants will gain practical insights into designing audit programs, applying industry standards, and integrating audit findings into continuous risk management and security improvement efforts.

Vulnerability Assessment
System vulnerabilities continue to plague the software we rely on, and cybercriminals are evolving in their ability to quickly identify and exploit vulnerabilities.  

Key Topics:

  • Vulnerability assessment tools and techniques 
  • Prioritizing vulnerabilities based on risk 

Participants will learn to identify, analyze, and prioritize vulnerabilities in banking systems and develop remediation strategies to protect critical assets.  

Network Penetration Testing 
Learn and understand advanced penetration testing methods to evaluate the security of bank networks. This session includes reconnaissance, exploitation, post-exploitation, and reporting, with a focus on real-world scenarios and compliance requirements.  

Cybersecurity
Explore the intricate technical foundations and the latest trends in cybersecurity as they specifically pertain to the banking sector. This session delves into the crucial elements of threat intelligence and examines the sophisticated attack vectors that cybercriminals employ.  

Participants will gain insights into effective defense strategies designed to safeguard financial institutions, as well as an understanding of the evolving tactics of cybercriminals who relentlessly target the banking industry. Join us to participate in engaging discussion that highlights the pressing challenges and innovative solutions within this critical field.

Artificial Intelligence
Study how AI and machine learning are revolutionizing cybersecurity in the banking sector. We’ll examine AI’s role in threat detection, automated response, and decision support, while addressing the ethical and regulatory considerations unique to banking. You’ll gain insight into how AI can create a competitive advantage, while also understanding the new risks and operational challenges it introduces.

Understanding OSINT 
Investigate how to utilize Open Source Intelligence (OSINT) for threat hunting, fraud detection, and investigations in the banking sector. Learn how to gather, analyze, and apply publicly available data to strengthen your institution’s security measures. This approach can be an effective resource for addressing both cybercrimes and physical threats to our institutions.

The Snares of the Dark Web
Explore the risks that the dark web poses to banks and their customers. This session will focus on understanding underground forums, identifying potential threats, and responding to data breaches and fraud that may arise from dark web activities. You’ll learn how to utilize insights from the dark web to enhance your institution’s awareness of cybercrimes and mitigate risks to our banks.

Ethical Web Application Hacking
As web applications increasingly become the foundation for innovation in the banking industry, critical vulnerabilities and attacks on these digital platforms continue to rise. It is essential that we understand how to assess and mitigate risk to protect data and maintain trust. In this hands-on technical session, participants will learn to ethically test and secure web applications, exploring common vulnerabilities—including those in the OWASP Top 10—along with exploitation techniques and secure coding practices to strengthen security posture.

Cyber Attacks and Incident Handling 
Get ready to handle cyber-attacks by using established incident handling methodologies. This session will cover the key steps: detection, containment, eradication, recovery, and post-incident analysis, with a special emphasis on threats specific to the banking sector and regulatory requirements. Learn from the mistakes and oversights of other organizations to enhance your preparedness and resilience.

Digital Forensics 
Gain practical skills in digital forensics specifically for banking environments. Learn techniques for evidence collection, analysis, and reporting to support incident investigations, regulatory inquiries, and legal proceedings. While it’s our hope that cybersecurity incidents never happen, the likelihood of them occurring is too significant to ignore. Basic preparation can turn digital forensics into a powerful tool for responding to incidents.

Admission to the Bank Cybersecurity School is by application only. Those seeking admission should complete an application online application.

Admission requirements are designed to select those applicants who are prepared by experience and prior education to derive the greatest benefit from this advanced management program. Each applicant must qualify under one of the following criteria:

  • Employees of FDIC-insured banks or savings institutions.
  • State and federal financial institution regulatory officials and directors of banks or savings institutions with educational background and experience comparable to that required of bank officers.
  • Professionals from firms providing services to banks and savings institutions who have the necessary educational and experience backgrounds will be considered for admission on a case by case basis and will be dependent on available space.
  • International bankers are welcome and will be considered for admission based on education and experience.

As a matter of policy, the Graduate School of Banking does not discriminate among applicants and participants on the basis of race, religion, sex, national origin, color, handicap, orientation or marital status.

A detailed daily schedule will be posted for enrolled students in Canvas, GSB’s Learning Management System; however, courses will run full days Monday through Thursday, and will end midday on Friday. Students are responsible for booking their own lodging for this program and are encouraged to arrive on Sunday, as registration will be first thing Monday morning. 

Please email the team at:
registrations@calbankers.com