Toomas Vaks is a cyber-risk manager at Swedbank Group and is responsible for control, assurance and advisory work in managing cyber risks. He joined Swedbank Group in 2000 and held various positions in the fields of risk management, fraud investigations, corporate security, KYC and AML/CTF compliance, and served as head of Risk Management in Group Cards. In 2011, he moved to the government sector and became Deputy Director General of the Information System Authority (RIA), where he founded and headed the Cyber Security Branch, responsible for the development of the National Cyber Security Strategy and incident response planning, state-level crisis and incident management and coordination, security operations and other functions. In 2017, he rejoined Swedbank Group. He is a member of the Cyber Security Council of the Estonian Academy of Sciences (since 2013), the European Banking Federation’s Permanent Working Group on Cyber Security (since 2018), the Cyber Working Group of the Estonian Banking Association (since 2018), and the National Cybersecurity Advisory Board (since 2019). He also advises the cybersecurity programme at the Estonian e-Governance Academy, including the implementation of the National Cyber Security Index, conducted in 160 countries. He holds an MA degree in social sciences from TalTech.