PREFACE

---

The Reserve Bank of India (RBI) has made cybersecurity compliance mandatory for NBFCs through the Cyber Security Framework for NBFCs, the 2024-25 Master Direction on Cyber Resilience and Digital Payment Security Controls, and the Master Direction on IT Governance, Risk, Controls and Assurance Practices. These guidelines require strong governance, Board-level oversight, continuous monitoring, and effective incident response.

As NBFCs become increasingly digital, data-driven, and customer-centric, they also attract the attention of sophisticated cyber adversaries. In such an environment, leadership preparedness becomes not just a regulatory requirement, but a strategic imperative. While traditional training programmes often remain limited to concepts and compliance checklists, modern NBFC leaders need deeper strategic cyber literacy—an understanding of emerging threats, their business impact, and the ability to guide the organisation toward stronger cyber resilience.

This programme has been thoughtfully designed to address this very need. It brings together regulatory expectations, business impact insights, sector-specific threat intelligence, and immersive cyber simulation experiences. Together, these elements equip NBFC leaders with the clarity, confidence, and decision-making capability required to effectively steer cyber risk governance and build a resilient digital enterprise.

PROGRAMME OBJECTIVES

---

• To familiarize the participants with the emerging trends of cyber risks in India and extant regulatory instructions
• Strengthen oversight and governance capabilities in alignment with RBI’s cybersecurity frameworks.
• Enhance decision-making during cyber incidents using practical, scenario-driven exercises.
• Understand the role of the Board in the critical areas such as Vendor Management, Business Continuity Plan and Disaster Management, IS Audit etc.
• Improve preparedness for regulatory expectations, audit scrutiny, and crisis communication.
• Translate cybersecurity insights into business-oriented action plans and resilience strategies.

These objectives are structured to deliver a comprehensive and results-oriented training programme that enhances participants’ ability to manage cyber risks, meet compliance, and apply advanced tools within the immersive Cyber Theme Park (CTmP) environment.

CYBER THEME PARK (CTmP):Signature Differentiator

Cyber Theme Park (CTmP): An Immersive, Experiential, Practical Learning Environment

The Cyber Theme Park is the Center piece of this certification programme - a first-of-its-kind experiential learning arena designed specifically for decision-makers. The CTmP transforms cybersecurity awareness into a high-impact, gamified, interactive, and simulation-driven experience.

It replicates the real-world threat landscape in a controlled, safe environment where leaders get to experience, analyse, and respond to attacks just like cyber adversaries do in actual financial environments.

This programme offers much more:

• Hands-on immersion that lets leaders experience threat behaviour rather than learn it theoretically.
• Sector specific attack scenarios derived from real incidents in the sector.
• Board-level crisis simulations highlighting regulatory, reputational, and operational impact.
• Instant, action-oriented feedback to strengthen decision-making and governance..
• Practical insights for cyber investment and oversight, enabling Boards to better engage with CISOs and risk leaders.

WHO SHOULD ATTEND

---

This programme is designed for Board Members and Independent Directors, as well as members of key governance committees such as the Audit Committee, Risk Management Committee, and IT Strategy Committee. It is particularly relevant for Directors responsible for oversight of governance, compliance, technology, and organisational resilience who are expected to guide cybersecurity strategy and ensure alignment with RBI’s expectations.

FACULTY & DELIVERY PARTNERS

---

The programme is delivered through a strategic collaboration with experienced banking cybersecurity leaders, former regulators, distinguished academics from premier institutions, and industry experts specializing in IT governance and financial sector security. This collective expertise ensures that Board members receive a comprehensive learning experience that integrates regulatory perspective, strategic governance insights, and practical, real-world cybersecurity knowledge.

Organisational sponsorship is essential

DURATION

---

This is One Day programme scheduled on December 20, 2025.

PROGRAMME FEE

---

Non-Residential Fee: Rs. 15,000/- plus GST as applicable (presently 18%) per participant. The fee covers tuition, course ware (in electronic form) working lunch and other facilities of the College including internet usage.

MEDICAL INSURANCE

---

The nominees are requested to carry with them the proof of Medical Insurance. The sponsoring agency is required to endorse the nominees' medical coverage in the event of hospitalization

LAST DATE FOR NOMINATION

---

Please use the prescribed/attached form. Last date for receiving nominations is December 16, 2025. Kindly contact Programmes Officer for further details (contact details are given at the end of the nomination form).

ASCI ALUMNI ASSOCIATION

---

Participants of the College programmes will automatically become members of the ASCI alumni association.

CERTIFICATE OF PARTICIPATION

---

The College issues a Certificate of Participation on conclusion of the programme.