Ghazayil Alkhalifa

CISO

Ijarah

Speaker sessions

Mapping Financial APT Threats to Cyber Risk Registers: A Strategic Impact Matrix Approach

In this session, “Mapping Financial APT Threats to Cyber Risk Registers,” Asma Alqahtani and Ghazayil Alkhalifa explore the evolving threat landscape facing financial institutions through the lens of the top five Advanced Persistent Threat (APT) groups with current or historical targeting of the sector.The session introduces the APT Business Impact Matrix, a framework that links threat actor behavior to four critical dimensions of business impact:RevenueReputationRegulationResilienceBy analyzing recent TTPs, regional targeting, and intent, each threat actor is assessed for its strategic relevance. These insights are then mapped into a Cybersecurity Risk Register, empowering organizations to align cybersecurity priorities with actual threat exposure—not just compliance checklists.This matrix-based approach helps security teams communicate more effectively with executive leadership, enabling better resource allocation, stronger risk governance, and clearer regulatory justification.The presenters will demonstrate how operational threat intelligence, when shaped by strategic reporting and CISO-level oversight, becomes a vital tool for financial sector resilience and regulatory alignment.