Archive for: Technology

, , , , , , ,

Managing Your Managed Service Provider – 12 Questions to Ask Your MSP

Many organizations leverage a Managed Service Provider (MSP) to manage their IT infrastructure, often providing more expertise while saving some cost. But when it comes to protecting data, the term “cybersecurity” can mean different things to different organizations.

The goals of Information Technology (convenience and availability) are far different than the goals of Information Security (protection and loss prevention).

What You’ll Learn

  • Information Technology vs. Information Security
  • Types of Managed Services Providers
  • Traditional Vendor Management of MSPs
  • Modern Vendor Management of MSPs
  • Characteristics of a Good MSP Partnership
  • Questions to ask before hiring an MSP

Who Should Attend
Information Security Officers, IT Managers, Risk Officers, Internal Auditors, and Executives looking to understand the risk of Vendor Relationships should take this course.

Presenter
John Helland is an Information Security Consultant at SBS CyberSecurity (SBS), a company dedicated to helping organizations identify and understand cybersecurity risks to make more informed and proactive decisions. Helland maintains Certified Information Security Manager (CISM), Certified Banking Security Manager (CBSM), Certified Banking Vendor Manager (CBVM), and Certified Banking Business Continuity Professional (CBBCP) certifications. He received a degree in Network Security and Administration from Dakota State University. Helland joined the SBS team in 2021, bringing over 20 years of experience in the IT industry. He specializes in information security management and bridging the gap between information technology and information security. Helland is passionate about making a difference for his clients and co-workers by providing valuable contributions, making well-informed decisions, and advocating for the best path forward for the project they are collaborating on.

Registration Options

  • Live Access, 30 Days OnDemand Playback, Presenter Materials and Handouts – $279
  • Available Upgrades:
    • 12 Months OnDemand Playback + $110
    • 12 Months OnDemand Playback + CD  + $140
    • Additional Live Access + $85 per person
/by
, , , , , , , , ,

The Rapidly Evolving Cyber Threat Landscape

The cybersecurity threat landscape is rapidly changing. Financial firms are regularly targeted and the profile of threat actors has continually evolved. While commodity hackers and clever criminals persist as a threat, increasingly the danger is coming from organized threat groups that operate like a business. Understanding the difference between aggressors and the changing nature of the threat landscape is essential for maintaining commensurate safeguards, monitoring, and response. This session will survey the current cybersecurity threat landscape, understand the nature of the various threat actors, and dive deeper into the business context of cybersecurity.

What You’ll Learn

  • Survey the current cybersecurity threat landscape
  • Understand the nature of the various threat actors
  • Gain perspective on the importance of cyber strategy

Who Should Attend?
This program is for anyone in the technology and cybersecurity space.

Presenter
Dave Detweiler is the Managing Director for SEI Sphere. In this role, he leads a team who helps business and technology leaders bridge the gap of cyber protection to secure their growing business. Detweiler’s professional background includes more than 20 years with SaaS startup organizations, specializing in building consultative teams that help define effective solutions for customers.

Registration Options

  • Live Access, 30 Days OnDemand Playback, Presenter Materials and Handouts – $279
  • Available Upgrades:
    • 12 Months OnDemand Playback + $110
    • 12 Months OnDemand Playback + CD  + $140
    • Additional Live Access + $85 per person
/by
, , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

How to Build a Robust Security Training Program – Free Webinar

In this course, we’ll discuss the key elements in building a comprehensive and effective security awareness program, and help you start to understand what it means to build a security-first culture.

Security awareness training helps organizations prepare to defend against today’s most threatening cyberattacks. But if training — often viewed as the last line of defense — is truly impactful, then why do we still have so many breaches? One reason is because of the frequency with which these attacks are occurring. Social engineering and phishing attacks are on the rise.

Another reason is that not all security awareness programs are created equal. While leveraging a “one-size-fits-all” solution can work for maintaining compliance, is it really preparing your employees to take the right action when a phishing attempt sneaks into their inbox? With most people forgetting the majority of infrequent and insufficient training, how can security and risk management leaders ensure their security awareness program sticks?

What You’ll Learn

  • Adult Learning & Content Strategy
  • Security Awareness Topics
  • Phishing Simulations
  • Program Support

Who Should Attend
Everyone is welcome to this webinar as everyone should have a plan in place for security. Security Awareness Training is quickly becoming a mandatory part of everyone’s lives and we want to help keep everyone safe from online attacks.

Instructor Bio
John Trest is responsible for leading the development of Inspired eLearning’s award-winning library of Security Awareness and Compliance training content, from the engaging instructional design to the high-quality multimedia production. He has been a member of Inspired’s team since 2009 and has over 20 years of experience in creating and delivering eLearning courses for a broad variety of industries and subjects. He’s passionate about creating quality security awareness content that is both engaging and impactful.

/by
, , , , , , , , , ,

Record Retention & Destruction Policy & Timeframes

Record retention is serious business. Are you complying with your institution’s policy? Are you retaining documents long enough? Or are you hanging onto “special” items that are past their destruction date? Join us to learn more from a legal expert.

After This Webinar You’ll Be Able To:

  • Implement the elements of an effective record retention and destruction policy
  • Explain the various laws which require a designated time period for document retention
  • Understand the designated retention time periods for retention under each law
  • Identify the document retention timeframes that do not fit within a specific category
  • Distinguish the special rules for record retention when regulatory action or litigation is threatened

Webinar Details
Various federal and state laws mandate the retention of specific documents and records for a designated time period. Unfortunately, these laws overlap and conflict, causing confusion. In the past, some institutions simply retained all records permanently “to be on the safe side.” That isn’t practical today and retaining all records can actually cause harm. All institutions must have a systematic record retention and destruction policy to comply with the law. This webinar will explain the legal retention period requirements and the practical considerations for both electronic and paper document retention and destruction.

Who Should Attend?
This informative session is designed for deposit and loan staff, operations personnel, compliance staff, managers, auditors, and anyone else responsible for creating record retention policies and responding to document requests.

Take-Away Toolkit

  • Sample record retention and destruction policy, including the specific timeframes mandated by federal law
  • Supplemental handout covering your state’s specific time period requirements
  • Employee training log
  • Interactive quiz
  • PDF of slides and speaker’s contact info for follow-up questions
  • Attendance certificate provided to self-report CE credits

NOTE: All materials are subject to copyright. Transmission, retransmission, or republishing of any webinar to other institutions or those not employed by your institution is prohibited. Print materials may be copied for eligible participants only.

Presenter
Elizabeth Fast, JD, CPA – Spencer Fane LLP

Elizabeth Fast is a partner with Spencer Fane LLP where she specializes in the representation of financial institutions. Fast is the head of the firm’s training division. She received her law degree from the University of Kansas and her undergraduate degree from Pittsburg State University. In addition, she has a Master of Business Administration degree and she is a Certified Public Accountant. Before joining Spencer Fane, she was General Counsel, Senior Vice President, and Corporate Secretary of a $9 billion bank with more than 130 branches, where she managed all legal, regulatory, and compliance functions.
Registration Options
  • $279 – Live Webinar Access
  • $279 – OnDemand Access + Digital Download
  • $379 – Both Live & On-Demand Access + Digital Download
/by
, , , , , , , , , , , , , , ,

FFIEC Cybersecurity Assessments: Recent Findings & Recommendations

It seems like the cyber criminals work at light speed to conjure up new ways to spread mayhem.

Creativity is the name of the game. Keeping ahead of them can seem impossible at times… but it’s crucial! Let this webinar be another tool to help improve your cybersecurity assessment and deepen your knowledge.

After This Webinar You’ll Be Able To

  • Identify additional controls that may benefit your institution
  • Explain to leadership why continued investments into cybersecurity are needed
  • Find helpful resources using the FFIEC Cybersecurity Resource Guide for Financial Institutions
  • Justify additional controls to improve cybersecurity maturity

Webinar Details
Cyber criminals and fraudsters are innovating more than ever. Whether using the latest crisis in the news cycle to launch an email phishing attack, deploying new or updated malware via smishing, or launching some yet unknown attack, they never stop. Is your institution keeping its cybersecurity program up to date?

Whether you use the FFIEC CAT or a third-party cybersecurity assessment tool, this webinar will review how to improve your cybersecurity assessment to enhance innovation at your institution as you work to keep ahead of the criminals. Tips, as well as best practices, findings, and recommendations from examiners, will be provided throughout the presentation.

Who Should Attend?
This informative session is designed for anyone responsible for implementation/updates, auditing/testing, or oversight of the cybersecurity program.

Take-Away Toolkit

  • Checklist of innovative controls every institution should consider
  • List of most common CLA best practice controls
  • FFIEC Cybersecurity Resource Guide for Financial Institutions
  • Employee training log
  • Interactive quiz
  • PDF of slides and speaker’s contact info for follow-up questions
  • Attendance certificate provided to self-report CE credits

NOTE: All materials are subject to copyright. Transmission, retransmission, or republishing of any webinar to other institutions or those not employed by your agency is prohibited. Print materials may be copied for eligible participants only.

Presenter Bio

John Moeller, CLA

John Moeller is a principal at CLA and their IT and cyber practice leader for financial institutions. For over 30 years, Moeller has served the security and technology needs of financial institutions across the country. His experience includes IT governance and compliance, regulatory guidance, implementation of cybersecurity frameworks, and risk assessments. He is passionate about explaining the why behind recommendations and educating boards and senior management on today’s cybersecurity risks.

Moeller is a frequent speaker on relevant cyber security topics to banking industry groups and associations. He holds several professional certifications, including Certified Information Systems Security Professional, Certified Ethical Hacker, and EC Council – Certified Security Analyst.

Registration Options

  • $279 – Live Webinar Access
  • $279 – OnDemand Access + Digital Download
  • $379 – Both Live & On-Demand Access + Digital Download
/by
, , , , , , ,

IT Audit Options: How to Choose the Right One for Your Institution

New technology brings with it new risk and new controls that should be tested, not to mention controls to mitigate risk associated with dynamic threats. Is your IT audit program keeping up or are you doing what you have always done?

After This Webinar You’ll Be Able To:

  • Determine areas of new technology risk to consider for the IT audit
  • Better understand technical risks that can be audited
  • Identify areas of the IT audit that should be outsourced to IT specialists
  • Ask additional questions to ensure you are receiving a quality IT audit
  • Use risk when considering audit frequency

Webinar Details
This webinar will cover new technology areas that should be audited, such as Microsoft 365, Microsoft Azure, and cloud computing in general. It will address five areas that may be overlooked or not looked at closely enough in most IT audits. Do you know if your IT auditor is really qualified? What about the staff assigned to your IT audit? This program will provide questions to ask to ensure you are receiving a quality IT audit and not a check-the-list audit. You’ll leave this webinar better equipped to identify IT audit options and justify changes to the IT audit program.

Who Should Attend?
This informative session is designed for audit leadership and audit staff that have responsibility for the IT audit process, but do not have an IT audit certification or several years of IT audit experience.

Take-Away Toolkit

  • Sample Microsoft 365 audit checklist
  • Questions to ask your IT auditor to ensure you are receiving a quality IT audit
  • List of technology that should be on your IT audit short list
  • Employee training log
  • Interactive quiz
  • PDF of slides and speaker’s contact info for follow-up questions
  • Attendance certificate provided to self-report CE credits

NOTE: All materials are subject to copyright. Transmission, retransmission, or republishing of any webinar to other institutions or those not employed by your institution is prohibited. Print materials may be copied for eligible participants only.

Presenter
John Moeller — CLA

John Moeller is a principal at CLA (CliftonLarsonAllen, LLP) and their IT and cyber practice leader for financial institutions. For over 30 years, Moeller has served the security and technology needs of financial institutions across the country. His experience includes IT governance and compliance, regulatory guidance, implementation of cybersecurity frameworks, and risk assessments.

He is passionate about explaining the why behind recommendations and educating boards and senior management on today’s cybersecurity risks. Moeller is a frequent speaker on relevant cybersecurity topics to banking industry groups and associations.

Moeller produces and presents expert content for Community Bankers Webinar Network, with his webinars being viewed by hundreds of bankers across the country.

Registration Options

  • $279 – Live Webinar Access
  • $279 – OnDemand Access + Digital Download
  • $379 – Both Live & On-Demand Access + Digital Download
/by
, , , , , , , , , , , , , , , , , , ,

Risks (and Rewards) of Artificial Intelligence in Banking

There has been quite a lot in the news lately regarding the use of artificial intelligence, or AI, in the banking industry. But there is more to it than just AI — financial institutions are increasingly using algorithms and so-called “big data” in their operations. The benefits are obvious — more effective marketing, more efficient underwriting of credit, and just an overall sense of better knowing the customer.

But there are two sides to every coin; there are significant risks to using AI and nontraditional data when dealing with customers and prospects. The regulatory agencies (as well as Congress and the Administration) are keenly focused on these risks, and are looking very carefully at what the industry is doing. We have FinTechs to thank for many of these advancements, but they are not regulated the same way as traditional banks, thrifts, and credit unions, so usage of these exciting tools and strategies must monitored carefully.

What You’ll Learn

  • “Algorithmic discrimination” – what is this, and how can we monitor for it?
  • Digital redlining – offering your products in the digital world
  • The White House’s “Blueprint for an AI Bill of Rights”
  • The Facebook settlement – case study in digital advertising
  • Regulatory agency and FTC guidance on the issue – many to-dos and recommendations
  • Machine learning and related risks
  • AI Framework from the National Institute of Standards and Technology
  • FHA: algorithm-based tenant screening
  • Recent Automated Valuation Model (AVM) proposal – bias in the evaluation process
  • Joint statement on AI-based discrimination from CFPB, DOJ, FTC, and EEOC
  • Fintech-bank partnerships

Who Should Attend
This interactive session is appropriate for anyone in the institution involved in the marketing, management, and servicing of retail products. As these technologies are pervasive throughout the product lifecycle, most anyone, Board members included, will benefit from this information.

Presenter Bio
Carl Pry is a Certified Regulatory Compliance Manager (CRCM) and Certified Risk Professional (CRP) who is a Managing Director for Treliant Risk Advisors in Washington, D.C. Through his working career, as well as through his experience as a banking attorney and officer, he has provided a variety of regulatory compliance and financial performance services to financial institutions and other clients throughout the country. He has written extensively regarding consumer and commercial compliance, tax, audit, and financial institution legal issues, and is a frequent contributor to and currently serves on the Editorial Advisory Board for the ABA Bank Compliance magazine. He has spoken at scores of banking, compliance, and state bar associations, and has conducted training sessions for financial institutions across the country.

Continuing Education Credit Information
Risks (and Rewards) of Artificial Intelligence in Banking has been approved for 2.5 CRCM credits. This statement is not an endorsement of this program or its sponsor. Credits are redeemable for Live attendance only. For questions on certificates, please email support@oncourselearning.com. Certification holders must report these credits at https://aba.csod.com.

Registration Options
Live Access, 30 Days OnDemand Playback, Presenter Materials and Handouts $279

  • Available Upgrades:
    • 12 Months OnDemand Playback + $110
    • 12 Months OnDemand Playback + CD + $140
    • Additional Live Access + $85 per person
/by
, , , , , , , , , ,

Privacy and Information Security – Critical Rules for Bankers

Increasingly, privacy has become an important buzzword in banking circles. Customers are concerned about the privacy of their financial and personal information, and financial institution are worried about how to keep all this information safe from intrusions and outright thefts. But what are the legal and regulatory requirements?

In this webinar, we’ll explore the myriad of federal (and some state) requirements around privacy and information security. You’ll learn what information must be kept “private,” and what that term means. We’ll discuss “Personally-Identifiable Information,” or PII, and the special category it occupies in privacy regulations. We’ll also go over how to keep this information safe, with regulatory expectations placed on institutions and how they operate. There isn’t just one privacy law; it is a patchwork quilt of rules, regulations, and guidelines that all operate together to mandate how a financial institution manages its data and information.

What You’ll Learn

  • Gramm-Leach-Bliley Act privacy, and Regulation P
  • Personally-Identifiable Information (PII) – what does this mean?
  • What information can I share with third parties, and when must I provide an opt-out?
  • Sharing provisions of the Fair Credit Reporting Act (FCRA) and their interplay with Reg. P
  • Information Security (or InfoSec) provisions – what do these require?
  • Paper vs. electronic information – different rules?
  • Notification to regulators in case of breach
  • The mad rush by the states to implement privacy rules – which ones apply to you?
  • General Data Protection Regulation – the EU’s spin on privacy
  • And more

Who Should Attend
Anyone involved in the managing of information and data in the institution must be aware of the privacy requirements. This includes not only compliance and legal professionals, but also technology personnel and line of business managers and senior leadership, who are ultimately responsible for maintaining the institution’s privacy program.

Presenter Bio
Carl Pry is a Certified Regulatory Compliance Manager (CRCM) and Certified Risk Professional (CRP) who is a Managing Director for Treliant Risk Advisors in Washington, D.C. Through his working career, as well as through his experience as a banking attorney and officer, he has provided a variety of regulatory compliance and financial performance services to financial institutions and other clients throughout the country. He has written extensively regarding consumer and commercial compliance, tax, audit, and financial institution legal issues, and is a frequent contributor to and currently serves on the Editorial Advisory Board for the ABA Bank Compliance magazine. He has spoken at scores of banking, compliance, and state bar associations, and has conducted training sessions for financial institutions across the country.

Registration Options

Live Access, 30 Days OnDemand Playback, Presenter Materials and Handouts $279

  • Available Upgrades:
    • 12 Months OnDemand Playback + $110
    • 12 Months OnDemand Playback + CD + $140
    • Additional Live Access + $85 per person
/by
, , , , , , , , , , , ,

Preparing for Your IT Examination

There is a big misconception that an IT examination is a technical security assessment focused solely on computer systems, the network, and logical controls. While the technological components and the IT department are most definitely included in the examination, it doesn’t start and end there. An IT examination has an enterprise-wide reach that covers technology as well as operations, including core processing, and all forms of information assets; physical and logical security; administrative, technical, and physical controls. Information and cyber security along with business resiliency, incident response, and outsourced third-party risk management are also key elements of the examination.

How exams are conducted has changed since the pandemic of 2020. Today, it is not uncommon for the examination to be a “hybrid” that includes an offsite review and an onsite presence. The scope and focus of the exam may also vary depending on the complexity of the institution and past examination results. To be adequately prepared for your next IT examination, whether you are a seasoned professional or new to the examination process you should attend this presentation.

What You’ll Learn

  • IT examination basics
  • Regulatory requirements
  • Controls and security management
  • Current hot spots
  • Regulatory guidance

Who should attend
Senior management, operations, audit, compliance officers, IT staff, and anyone else responsible for preparing for and overseeing the examination program.

Presenter Bio
Susan Orr is a leading financial services expert with vast regulatory, risk management, and security best practice knowledge and expertise.

As an auditor and consultant, Orr is dedicated to assisting financial institutions in implementing appropriate policies and controls to protect confidential information and comply with regulatory mandates and best practices. Her expertise as an auditor and former examiner provides her the knowledge and expertise to conduct comprehensive IT general control and data security reviews and assist de novo institutions in the vendor selection process, preparing policies and procedures, and instituting controls. She also consults for numerous security providers and vendors helping them align products and services to meet institution regulatory mandates. Orr is a Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), Certified in Risk and Information Systems Control (CRISC), and Certified Risk Professional (CRP).

Registration Options

Live Access, 30 Days OnDemand Playback, Presenter Materials and Handouts $279

  • Available Upgrades:
    • 12 Months OnDemand Playback + $110
    • 12 Months OnDemand Playback + CD + $140
    • Additional Live Access + $75 per person
/by
, , , , , , ,

MBA/WBA Webinar: Everything You Need to Know about ChatGPT

The hottest (and scariest!) technology of 2023

Presented in partnership with the Minnesota Bankers Association, this webinar will take place on Thursday, July 13, 2023 from 9:30—10:30 a.m. CT.

About the Webinar:

Just a few months ago, a plain little website shared a free “Research Preview” of ChatGPT, and the world as we know it changed forever. ChatGPT can write whole essays from a simple text prompt, formulate 100 social media post ideas from a single sentence, create computer code with just a description and compose poetry and songs in any artist’s style in milliseconds. It’ll create a summary from a long legal document, recommend resources for research and, by the time you read this, make your bed and bring you coffee. With this type of AI tool, there are ethical issues, legal issues, bias issues, quality issues, creativity issues, copyright issues, issue issues… and issues we haven’t even considered. Join Beth Z, Your Nerdy Best Friend, for an in-depth look at ChatGPT.

Topics will include:

  • Where did it come from?
  • How does it work?
  • What can it do?
  • How can it help you do your job better?
  • Who does it hurt?
  • And most importantly… how far can it go?

Click “Register Online” for additional details and online registration.

/by
WBA logo

questions@wisbank.com

608-441-1200

4721 S Biltmore Ln.
Madison, WI 53718

Get our Newsletter!
Subscribe