The evolving scope and skills of a CRO and cyber maturity
Ashurst's market-leading risk and regulatory experts return in 2025 to host quarterly forums connecting Chief Risk Officers with industry veterans and subject matter experts to discuss topical issues, challenges and trends.
Risk never remains the same, and as issues can arise more quickly than ever before, long gone are simple frameworks and in person transactions. Understanding customers and products, and being proactive in mitigating emerging risks, is now critical to adding stakeholder value, protecting consumers and investors and ensuring operational resilience. The evolving scope and skills of a Chief Risk Officer (CRO) in the context of this dynamic regulatory and operating landscape means that CRO now need to proactively respond in an increasingly complex, data-driven and AI-fuelled financial services system. With the potential for cyber events to cause significant customer harm and reputational damage, practical lessons for CRO learned from recent attacks can provide a lens through which more resilient, secure organisations can ensue.
In this forum, Liz Hristoforidis and John Macpherson, Partners of Ashurst Risk Advisory will explore the evolving role of Chief Risk Officers, with a deep dive into how to drive cyber resilience in a dynamic and changing environment.
Liz Hristoforidis is a regulatory change and intervention specialist with extensive experience over nearly two decades at ASIC, where she worked across almost all of its domains—from licensing to policy development, supervision to enforcement, and strategic planning and performance reporting to regulatory transformation. Immediately before joining Ashurst's Risk Advisory Practice in July 2021, Liz played a pivotal role in establishing ASIC's institutional supervision approach and led the supervisory teams responsible for the 'close and continuous monitoring' of two of the Big 4 banks and another major institution. Liz helps clients to navigate regulatory engagement as they prepare for law reform implementation and ensure ongoing compliance with their obligations in line with regulatory expectations.
John Macpherson leads Ashurst's cyber response team working with clients to prepare for, and respond to, high impact cyber incidents. As a strategic adviser to Boards and leadership teams in Australia and internationally, he supports them in their recovery from acute crisis. Alongside Ashurst’s legal practices, he has advised on many high-profile cyber-attacks across Australia and the United Kingdom. He regularly helps clients build sustainable resilience frameworks and risk-led approaches to cyber and digital security, bridging expertise in crisis management and business continuity, stakeholder management and communication, customer remediation and complaints, data governance and privacy, third party risk management, and regulatory notifications and investigations.
This event is exclusively available to senior risk professionals within AFIA's full membership.