All attendees will receive a complimentary 9-part Toolkit to help your Institution comply with federal and state cyber laws.
Last year's Equifax breach, along with the impact of WikiLeaks and Russian meddling in the 2016 U.S. Presidential election, has put cybersecurity issues on the front page of national newspapers. It is estimated that the cost of data breaches could soar to more than $2 trillion by 2019.
Despite the fact that a majority of United States organizations have experienced a cyber-attack either directly or through a vendor, many banks and credit unions do not consistently address cyber threats. Cyber policies that are inadequate expose the Institution to financial loss, business disruption, regulatory action, and reputational risk.
This webinar will help you focus on what you can control to mitigate litigation and reputational risk, which is to have and maintain a commercially reasonable IT infrastructure that is suitable and appropriate for your Institution's risk profile. Discover how your organization can create a culture of cybersecurity continuity, which is achieved when a company's people, process, and technology are aligned with secure execution of the business strategy.
Defining and communicating your Cyber Risk Management Regime is central to your Institution's overall cybersecurity strategy, and we will use a 10-Step Checklist throughout the session to help you learn how to design, implement, and monitor an efficient Cybersecurity Program.
In this session, we will review best practices your Institution can adopt to prevent cyber incidents from arising at all. We will review relevant laws and regulations, and examine case law trends. You will learn what types of cyber threats to expect, and how to properly train your personnel to identify and handle these threats. We will also explore incident management and discuss the procedures you need to have in place so that you can immediately respond to a cyber incident.
- Types of Cyber Threats. Discover the Differences Between DDoS & DoS, Viruses, Worms, Phishing, Trojans, Malware, Ransomware, and More!
- Regulation. Discuss how state and other regulators are addressing cybersecurity within their governance. For example, did you know that (at least) 47 States have regulations requiring private, government, or educational entities to notify individuals of security breaches of information involving personally identifiable information (PII)?
- Prioritize Cyber Risk. Risks to your Institution's information and systems must be assessed with the same vigor as legal, regulatory, financial, and operational risks. Embed a Risk Management Regime across your Institution, supported by the Board and Executive Management.
- Existing Controls. Assess and document the controls and processes currently in place. Make note of the nature, sensitivity, and location of information your organization collects and/or stores, as well as existing databases, applications, and other assets.
- Written Cybersecurity Policy. Produce written security policies related to Network Protection, Malware Prevention, Secure Configuration of Systems, and Removable Media Controls. Establish relevant policies to comply with applicable laws and regulations.
- Incident Management. Create and test your written response and disaster recovery plans. Develop procedures for responding to actual or suspected cyber incidents (include a provision related to regulatory reporting).
- Vendor Management. Conduct an assessment of cybersecurity measures employed by third-party providers. Determine whether vendor contracts address information and technology issues related to cybersecurity threats. If unauthorized access to sensitive information is of concern, your organization should consider purchasing
- Program Implementation & Monitoring. Continuously monitor all systems and networks. Analyse logs for unusual activity that could indicate an attack.
- Personnel Training. Effective implementation of your Cybersecurity strategy requires officer and employee training. Discuss identified cybersecurity threats, as well as preventative measures, and how to activate the response plan once an incident is detected. Routinely review the Cybersecurity Policy to ensure compliance.
- User Education & Awareness. Your organization should educate clients about measures they can take to reduce their accounts' exposure to cybersecurity risks.
- Periodic Audit & Assessments. To prioritize existing cybersecurity vulnerabilities and mitigate internal and external cybersecurity threats, assess the impact a cybersecurity incident would have on your organization and review the effectiveness of your risk management structure.
- Program Maintenance. Your organization should continuously assess cybersecurity risks, and monitor and test your security controls to ensure
Who Should Attend
This informative session is designed for: Senior Leadership and Management, CTOs, CIOs, CFOs, CEOs, IT Officers and Staff, Risk Management Officers and Staff, Compliance Officers and Staff, Personnel Responsible for Third-Party Providers, Business Continuity Officers and Staff, and Human Resources Officers and Staff.