Skip Navigation LinksASIS International / Education & Events / Global Events / 2016 European Security Conference & Exhibition / Programme and Events / Building an Integrated Security Risk Management Function Saving Regulatory Capital

Building an Integrated Security Risk Management Function Saving Regulatory Capital

Different functions in a bank or other strongly regulated industries deal with risk management: Security Management, Operational Risk & Integrated Control System departments have overlaps and dependencies, covering different aspects of related subjects. The challenge is to integrate all functions in an efficient way, where each function contributes its core competence but no redundancies are created. The author shows how such an integration of management systems has been implemented in a major international bank and how this integration helped to save capital and reduced security risks at the same time.


Thomas Stubbings
Cybersecurity Representative of RBI Board, Raiffeisen Bank International AG, Austria

Dr. Thomas C. Stubbings is CSO and head of Group Security Management at Raiffeisen Bank International AG, leading 23 security organisation in CEE and overseas. Being with Raiffeisen for over 12 years, he started with IT security and later he integrated Business Continuity Management and Physical Security, creating a fully converged security function, in order to maximize synergies and manage dependencies. Before being with Raiffeisen, Thomas Stubbings worked as managing consultant at a large international consulting firm. He holds a PhD in technical sciences and several certifications in the information security and risk management area. He is a speaker at various national and international conferences and is member of the CSO roundtable. He is chairing the Cybersecurity Platform in Austria which is advising the Austrian Government in questions of Cybersecurity and Critical Infrastructures.