Posts

Thank You, Ken Shaurette, for 13 Years at FIPCO!

By Hannah Flanders

On December 31, 2021, Ken Shaurette retired from FIPCO’s Information Security and Audit Services after 13 years with the company. Shaurette launched his IT career in 1976 after completing his associate’s degree in data processing. Over the past two decades, he has also garnered a collection of training courses through vendors and trade schools as well as certifications by the National Security Agency (NSA) in Information Assessment Methodology. In 2008, Shaurette was hired at FIPCO to build the Information Security and Audit Service from the ground up as its director.

Shaurette shared reflections on how the industry has changed over his decades of experience. When his career began, data was stored centrally in large computer data centers. Slowly, the industry began to give users more processing power and the ability to manipulate data, and as the data became increasingly decentralized, security professionals had to establish improved policies and information security programs that addressed data no longer being stored in a big computer center, but out at desktops anywhere in the company.

As data collection and storage abilities improved, not only did it become more difficult for all the information to be properly secured, it became increasingly important. Regulations have been created today in order to meet the expectation that customer data is equally protected no matter the size of the bank. “Information security [must continue to be] part of our individual and our companies’ DNA,” says Shaurette. “Without security controls, your business can’t grow quickly.”

Shaurette’s perspective has allowed him to help banks throughout Wisconsin protect themselves against serious attacks that could in turn affect growth, reliability, and profits. Shaurette notes that “when it comes to information security 80% is the same regardless of [the] industry when securing the data, 15% is unique to the [banking] industry, and probably 5% is the social atmosphere of [each bank].”

“Over the course of the years, his expertise and service have been greatly appreciated and well-respected by our customers and members,” says Pam Kelly, president of FIPCO. “His passion and unfailing dedication to information security and our members has helped hundreds of bankers keep critical data secure, avoid attackers, and meet the needs of their own communities. Thank you, Ken, for 13 years!”

In his retirement, Shaurette looks forward to spending time with his grandchildren, volunteering, and — he jokes — not writing audit reports. However, he leaves FIPCO customers with one last message in appreciation of the last 13 years: “I may be boating off into the sunset, but the sunrise of a new generation is transitioning behind me, and you will be left in very good hands with Rob Foxx. I’ll be waiting for you to show up for an information security peer group meeting or networking round table on the pontoon boat someday soon. Those that know me, the refreshments are always ready.”

By Kenneth D. Thompson, WBA Board chair, president and CEO of Capitol Bank, Madison

January marks the halfway point of my time as WBA chair and as we transition into a new year, there are undoubtedly new things to look forward to as an industry and as an association.

Our successes in 2021, many of which related to the ongoing uncertainty of the COVID-19 pandemic, taught us all valuable lessons I hope can be brought with us into the new year. From low levels of past-due loans throughout our industry to excess liquidity, it’s safe to say that stepping outside of our routine has resulted in spectacular results.

Looking onward to 2022, I encourage bankers to approach challenges with the same curiosity we have for the past two years. As our industry continues to grow, how will each of us lead the way in making Wisconsin banks efficient, diverse, and robust?

WBA has long known that banks are cornerstones in our communities and as such, should be leaders in embracing societal developments. Technology, for both our customers and employees, has been and should continue to be an aspect that sets our industry apart. In embracing these digital channels, banks have a unique ability to meet the expectations of customers while also supporting them with cybersecurity and best technological practices.

Our ability to advance diversity, equity, and inclusion (DEI) efforts, as well as offer flexibility to employees, has the potential to set our industry apart. This is especially important to consider as we navigate through a competitive hiring and retention landscape.

As we all envision a brighter 2022, it serves us to remember that innovative solutions, such as PPP and advances in online banking, have provided our communities with much-needed assistance in the past. We must not be held back by what we are familiar with. This pandemic has taught us all that some of the most effective answers may not be the ones that have been tried before.

It is essential for banks to approach these situations with caution instead of resistance and as always, WBA remains a valuable resource in education, advocacy, and community involvement for each of us as we look forward to what’s to come in 2022.

This year’s event centers around the theme “Rise”

The Wisconsin Bankers Association is thrilled to announce that the annual Bank Executives Conference will be back in person February 9–11, 2022 at the Kalahari Convention Center in Wisconsin Dells. This is the premier event for bank leaders in the state. The theme of this year’s event will be “Rise.” Wisconsin bankers have risen to the occasion over the course of the pandemic, and this conference will address what it will take to be resilient and relevant in 2022.

Networking

Being back in person opens the door for the kind of networking opportunities that bank leaders have been craving for nearly two years. The conference will kick off with a networking reception on Wednesday evening, but bankers are invited and encouraged to arrive earlier for optional afternoon “banker-only” peer group discussions starting at 2:30 p.m. Peer group discussions are geared toward the roles of CEOs, CFOs, credit and lending, operations, and organizational development. Opportunities to connect with fellow bankers, WBA Associate Members, and WBA staff will be plentiful throughout the conference, with an exhibitor Marketplace providing a dedicated space for making connections.

Executive-Level Education

The WBA Bank Executives Conference brings national experts to Wisconsin, while providing tailored programming specific to the needs of banking leaders in our state. Among the trending topics that will be covered at the conference are:

  • Changes that emerged during the pandemic that are now here to stay
  • Talent recruitment and retention
  • Technology, fintech, and digital transformation
  • Cryptocurrency
  • And more!

New Hybrid Option for 2022: A livestream will allow attendees at the bank to view the keynote sessions on February 10 and 11.

The opening keynote session is titled, “Business as Unusual: How to Future-Proof Your Business in Transformational Times.” In this engaging, provocative, and insightful keynote session, acclaimed global futurist and best-selling author Jack Uldrich will not only discuss how the Coronavirus is transforming the world of tomorrow, he will explain why it is accelerating many of the trends that were already at work prior to the epidemic. History reminds us that great crises produce great change — as well as great opportunities. To take advantage of these extraordinary opportunities, businesses must position themselves now to operate in a world where “business as unusual” is the new “usual.” This session will help leaders at every level of an organization leverage ten “unconventional” techniques to succeed in today’s — and tomorrow’s — transformational times.

Dr. Chris Kuehl, managing director of Armada Corporate Intelligence, will present a keynote session, “2022 – The Real Recovery Year?” That honor was supposed to go to 2021, but we all know what happened over the last several months — inflation, labor shortage, supply chain breakdowns, and the repeated resurgence of the virus. Now we have these lingering issues along with the reactions — higher interest rates, efforts to restore, continued engagement by the government. The bankers have been placed squarely in the middle of all this and expected to do most of the heavy lifting. Does that continue and what can we really expect as far as growth and recovery?

For more details on programming and to view the full agenda, please visit www.wisbank.com/bec.

Banking leaders are eager to rise to the challenges ahead of them, and the conference will provide actionable tools and knowledge attendees can bring back to their banks and communities.

Recognition

The 2021 Banker of the Year will be announced at the conference, recognizing a bank CEO or president (or an individual who has recently retired from these positions) who has made an outstanding effort throughout their career in service to their bank, to their community, and to the banking profession.

The Wisconsin Bankers Foundation Financial Education Innovation Award will be presented at a special luncheon on February 10. This prestigious award recognizes a bank’s unique efforts to enhance the financial capability of consumers in their community, whether it’s a new kind of educational game for students, curriculum developed for adult seminars, or some other new or innovative approach to financial education.

The 50- and 60-Year Clubs recognize bankers who have served in the banking industry for 50 and 60 years, respectively. These awards will be presented during the special luncheon at the conference to honor professionals who have dedicated their careers to the banking industry.

Entertainment

Ope! Charlie Berens, best known to Wisconsinites for his viral video series, “The Manitowoc Minute,” will perform at the Chairman’s Dinner Program on Thursday, February 10.

Comedian, Emmy award-winning journalist, and Wisconsin native Charlie Berens — who rose to fame from his video series, “The Manitowoc Minute” — will provide the entertainment for the Chairman’s Dinner Program on February 10. Attendees can expect lots of laughs from the author of the recently released book, “The Midwest Survival Guide: How We Talk, Love, Work, Drink, and Eat. . . Everything With Ranch.” Berens has been featured on Fox, CBS, Funny or Die, TBS Digital, Variety, MTV News, and more. In 2013, he won an Emmy for “The Cost of Water” while reporting for Texas news station KDAF. “The Manitowoc Minute” series has garnered millions of views and paved the way for a sold-out standup comedy tour. Geez, Louise, this is sure to be a hilarious show you won’t want to miss!

Register

To register for the conference, please visit www.wisbank.com/bec. We look forward to seeing you Wednesday, February 9–Friday, February 11 at the Kalahari Convention Center in Wisconsin Dells!

As bankers seek resources for how best to manage and mitigate risks associated with ransomware and other malicious code, don’t forget about the free resources offered by the Conference of State Bank Supervisors (CSBS) which include a ransomware self-assessment tool and resource guide.

The Ransomware Self-Assessment Tool (R-SAT) has 16 questions designed to help banks reduce the risks of ransomware. The Bankers Electronic Crimes Taskforce (BECTF), State Bank Regulators, and the United States Secret Service developed the tool. It was developed to help banks assess their efforts to mitigate risks associated with ransomware and identify gaps for increasing security. The tool provides executive management and the board of directors with an overview of the bank’s preparedness towards identifying, protecting, detecting, responding, and recovering from a ransomware attack.

The resource guide titled CSBS Executive Leadership of Cybersecurity (ELOC) Resource Guide, or “Cybersecurity 101,” is tailored to furnish executives with the necessary tools to better understand and prepare for the threats faced by their bank. The guide addresses challenges faced by both banks and nonbanks and is intended as an easily digestible, non-technical reference guide to help executives develop a comprehensive, responsive cybersecurity program in line with best practices. As each bank is different, the advice in the guide can be easily customized to meet each bank’s unique threats, priorities, and challenges. While the resource guide does not guarantee prevention, it attempts to identify various resources — people, processes, and tools and technologies — that, when properly leveraged, work to reduce a bank’s cybersecurity risk. 

Ransomware Self-Assessment Tool

The Resource Guide

Best Practices for Banks: Reducing the Risk of Ransomware (Developed by the Bankers Electronic Crimes Task Force)


By Cassandra Krause 

With a recent uptick in activity, ransomware attacks are a form of cyberattack that has been prevalent in recent news — and for good reason. The effects can be detrimental in terms of monetary loss and reputational damage to the victim. Ransomware is a type of malicious software (a.k.a. malware) that usually encrypts a victim’s files, and the bad actors have upped their game to steal the data first, then threaten to also publish the data to the public. Criminals set their sights on businesses with the goal of extorting money, making community banks prime targets. 

Organized crime networks are becoming increasingly sophisticated. In general, the risk of getting caught for cybercrimes is much lower than for traditional crimes like robbery, and the financial gains are far higher. Ransomware developers write and sell the software to other bad actors for a cut of the profits when they deploy it and collect ransom payment, usually in the form of cryptocurrency, which is hard to trace. Compromised data may also be used to open fraudulent lines of credit. 

“The U.S. is in a ransomware crisis right now,” said Jeff Otteson, vice president of sales at Midwest Bankers Insurance Services (MBIS), a subsidiary of the Wisconsin Bankers Association. He explained that it has created a hard insurance market with carriers tightening up on internal control requirements such as multifactor authentication (MFA) for privileged users (users with the ability to install software or change security settings on critical systems) and encryption of backups. 

In their 2021 Cost of a Data Breach Report, IBM Security and the Ponemon Institute calculate that the average total cost of a data breach is $4.24 million, a 10% increase from 2020–2021. The per-record cost of personally identifiable information averaged $180. 

Prevention 

With the incredibly high stakes in mind, banks are dedicating significant resources to preventing malicious cyberactivity, both in terms of staff and money. Respondents to a 2020 Deloitte survey of financial institutions reported spending about 10.9% of their IT budget on cybersecurity on average, up from 10.1% in 2019. In terms of spending per employee, respondents spent about $2,700 on average per full-time employee (FTE) on cybersecurity in 2020, up from about $2,300 the prior year. 

“There is an industry-standard framework for ransomware prevention and all cybersecurity,” explained FIPCO’s Director InfoSec and Audit Ken Shaurette. FIPCO is also a WBA subsidiary. A good consultant will walk the bank through a comprehensive review of their network security, improving endpoint protection to replace traditional antivirus and endpoint detection solutions, including adding authentication improvements such as MFA, improved password strength, and protecting backups. As more and more of the digital tools that bankers utilize require users to download and install software and updates, depending on signature-based solutions for malware detection is not acceptable — it has become critical to safeguard user, file, network, and device-level activities. 

A bad actor gaining access to a bank’s data may encrypt the data and demand payment in exchange for granting access back to the bank. In this situation, having a data backup is essential.  

“The rule of thumb for data backups is 3-2-1,” said FIPCO Information Security and IT Audit Advisor Rob Foxx. “There should be three copies of all data stored on two different mediums. One of the copies should be stored off site.” 

Ransomware prevention is only one part of a complete cybersecurity system. Experts agree that early detection of unusual activity within a system can help keep a minor incident from quickly escalating into a major incident like a ransomware threat. 

“Ransomware isn’t the first attack,” said Wolf & Company, P.C. Manager of the I.T. Assurance Group Sean Goodwin, who recently presented at WBA’s Secur-I.T. Conference. “Ultimately, it’s on I.T. to put controls in place because an employee will inevitably fall for a phishing email. It becomes a question of whether we can catch that quickly.” 

Social engineering remains the greatest concern; it’s easier for bad actors to trick an employee rather than break through a firewall. Verizon’s 2021 Data Breach Investigations Report found that almost half of the breaches in the financial services industry involved internal actors committing various types of errors. The report stated that the financial sector frequently faces credential and ransomware attacks from external actors, 96% of which are financially motivated (followed by small percentages of motives of espionage, grudge, fun, and ideology). 

Goodwin emphasized that I.T. must be able to act quickly when there’s an indication that someone is accessing something they don’t normally access. “Prevention is ideal. If we can prevent it, that’s best-case scenario, but if not, early detection becomes critical,” he said. This area of solution, known as endpoint detection and response, is rapidly becoming a key point of protection from ransomware and all other malicious events. 

Establishing an incident response program within a bank is an important part of the overall cybersecurity program. 

Preparation 

Creating a culture of cybersecurity awareness throughout the bank is important, so that bank employees are prepared for an incident. Employee training on what to do in the event of an attack should be standard practice. Making security part of the organization’s DNA is a best practice. 

“Every bank needs an incident response plan, and that needs to be approved all the way up through the board. Part of this plan is notification of incidents to the insurance carrier,” said MBIS’s Otteson. 

FIPCO’s Foxx emphasized that the roles and responsibilities in the incident response plan must be clearly defined, and banks should revisit their plan regularly.  

“As the insurance agent, I’m the first call a bank makes when there’s an incident,” said Otteson. “It’s important that banks choose to work with an agency that understands cyber insurance.”  

MBIS insures about 220 banks and has access to a large number of carriers that provide the right coverage for their customers. Otteson recommends reporting all incidents as even a minor incident could result in a claim down the line and having reported that incident when it occurred is key to a successful claim. He says to keep in mind that the owner of the data is liable for it whether the incident occurred in house or with a vendor the bank shared customer data with. 

Mitigation 

It’s important to work with the insurance carrier to ensure that all the bases are covered and that the vendors who participate in the response are approved. Not using the cyber insurance carrier’s approved vendors may result in expenses not being covered under the insurance policy. In the event of a ransomware attack, the insurance agent or bank will immediately notify the insurance carrier. Beazley, a carrier partner of MBIS, maintains a 24/7 helpline, which has become common with other carriers as well. Knowing how to report incidents, when to report, and what to expect is key. 

Holidays and weekends are prime times for ransomware attacks: employees who are in a rush to leave may be more likely to click on a bad link, and with employees away from work, it’s easier for the bad actors to get into the network. Even if a problem is detected, it’s more likely that staff who could help put a stop to the attack may be on vacation or unavailable, buying the criminals more time to take over. 

As soon as a cyber liability claim is made, the insurance carrier’s pre-approved vendors come into play.  

“Nobody has the resources in house to effectively manage ransomware attacks,” said Foxx, who has experience working both within a bank and as an external auditor and consultant. The specialization of skills and the number of people needed to perform adequate analysis and remediation are so significant that even large banks will not have all the players they need on staff.

If a bank’s data becomes encrypted and made inaccessible, a vendor such as Tetra Defense would be engaged on forensics. Managed endpoint detection and response vendors such as Cynet can help from detection and prevention to response, including providing digital evidence for a vendor performing forensics. Meanwhile, a vendor such as Coveware would handle ransom negotiations with the criminals. Wolf & Company, P.C.’s Goodwin said that you don’t really know who’s on the other side of the transaction — some criminals may be willing to negotiate and others not. He referred to ransomware as a “niche space in cybersecurity that is now getting more attention.” The criminal organizations involved in these types of attacks in some ways act like a legitimate business in that they rely on their reputation and may even have customer service departments — if they fail, it will hurt their chances of getting more business in the future.  

Typically, in the event of a ransomware attack, a legal firm will handle communications and PR for the bank — putting a statement on the bank’s website, assisting staff with customer phone calls, and determining whom to notify. Getting legal involved early protects all communications and discovery with attorney-client privilege. The requirements for notification vary from state to state, and a bank may have customers in multiple states or even other countries, making the expertise of a legal team invaluable. The language used in communications matters, as the term “breach,” for example, can have different legal implications and potentially create larger issues than terms like “incident,” “situation,” or “event.” Education of staff far in advance using regular testing of the plan is a key factor in mitigating an incident. Inappropriate statements made by employees on social media or even at informal social gatherings can have severe ramifications for the bank. 

Follow Up 

While anyone who experiences a ransomware attack may be eager to breathe a sigh of relief and move on when it is over, it is essential to review the incident and revise the bank’s incident response plan. Assessing what went well and what needs to be improved are critical steps.

Goodwin also warns that victims of ransomware are commonly re-targeted. A Cybereason study found that 80% of organizations that previously paid ransom demands confirmed they were exposed to a second attack. He said that once a company has paid a ransom it is known that (1) you were compromised, (2) you do not have proper backups of your files, and (3) you were willing to pay. 

Summary 

Cyberattacks are the biggest risk to a financial institution — even surpassing the risk of past-due loans. The cost of a ransomware attack can be astronomical, with many factors contributing to the price tag, including vendor fees and staff hours to resolve the issue; the cost to inform customers and offer identity or other protections; the loss of destroyed data; and the downtime of the business. All of this, followed by the loss of customers’ trust (and subsequent loss of their business), has the potential to put a community bank out of business.

There are safeguards banks can put in place, including a sound incident response plan, improved monitoring with better endpoint detection and response, cyber liability coverage, and employee education. FIPCO, MBIS, and a wide range of WBA Associate Members are ready to support banks in keeping their data and that of their customers safe.

By Rose Oswald Poels

WBA’s Secur-I.T. and BSA/AML Conference was held this week in Wisconsin Dells, and the event draws renewed attention to one of the top issues that members relay to me: cybersecurity. While this issue has been a concern for years, the risk of cyber-related breaches and attacks has grown exponentially in the past 18 months, with more consumers transacting business digitally than ever before. The risk is also further heightened with more employees, including bank employees, working remotely.

Many bank presidents share their frustration with me that cybersecurity seems to be a cost and reputational risk that no one has enough resources to guard fully against. Unfortunately, it is true that for a bank to have an effective cybersecurity strategy, it will require sufficient resources both in terms of staff and money. Respondents to a 2020 Deloitte survey of financial institutions reported spending about 10.9% of their IT budget on cybersecurity on average, up from 10.1% in 2019. In terms of spending per employee, respondents spent about $2,700 on average per full-time employee (FTE) on cybersecurity in 2020, up from about $2,300 the prior year.

Sending your employees to WBA training events on the topic, like today’s conference, is one way to ensure your team stays current on the most recent trends in cybersecurity and incident response techniques. FIPCO also offers assistance to banks in the area of cybersecurity through the services offered in the Information Security and Audit team. FIPCO provides a consultative approach to the review of a bank’s administrative, technical, and physical controls over the computing environment including protecting business systems. The FIPCO team provides consultation and advice to help institutions understand the who, what, where, and why of building an information security program to industry accepted practices that will meet today’s as well as future state, local, and federal regulations, and especially to deal with examiner comments. FIPCO can offer both solutions and expertise to help your bank. Finally, Midwest Bankers Insurance Services provides cyber insurance for your bank to help guard against losses. In their 2021 Cost of a Data Breach Report, IBM Security and the Ponemon Institute calculate that the average total cost of a data breach is $4.24 million, a 10% increase from 2020–2021. The per-record cost of personally identifiable information averaged at $180. If (or more like when in today’s environment) your bank experiences a cyber-related incident, MBIS agents will work side by side with your bank staff and the carrier to work through the proper steps to respond to such incidents.

Cybersecurity will never be an issue that disappears as our world only grows in its reliance on technology. Protecting your bank’s reputation and preserving your customers’ trust are critical to the success of your bank, which means that a cybersecurity breach or more serious incident can be detrimental to these goals. WBA remains an active partner with all of its member banks in helping to ensure your bank and staff are in the best position possible to protect against these threats, as well as respond to them as quickly and efficiently as possible.

According to analyst firm Gartner, extended detection and response (XDR) is a “SaaS-based, vendor-specific, security threat detection and incident response tool that natively integrates multiple security products into a cohesive security operations system that unifies all licensed components.”

You’ll hear plenty of the traditional vendors of antivirus begin to proclaim themselves as an endpoint detection and response (EDR) or XDR solution, trying to keep up with this more advanced tool space. As they continue to either buy up other vendors with the tool sets (then try to bolt them on to their traditional solution) or simply try to remake themselves in the model of an XDR solution in other ways, their final offering often has limitations. Typically, they’ll cover some but not all the areas of a complete XDR solution. They will address hosts and files but not network and users, or network and hosts but not files or users. They’ll miss some of that cohesive security operation defined by Gartner.

A recent article from HelpNetSecurity—a popular information security online publication—titled “XDR and MDR: What’s the Difference and Why Does It Matter?” made the following statement in closing: “An XDR solution without adequate human expertise/staffing behind it will only ever be a tool. With a managed services model in play, you’re getting both the comprehensive technology capabilities and the people required to make it work—which is why managed detection and response (MDR) may be the only acronym that your organization needs.”

This statement is very accurate for the less complete XDR offerings that do not include the managed and monitoring components in their solutions. They become like all the security information and event management (SIEM) and log management solutions that have been pushed at you for years, becoming just another tool that no one has the expertise to manage or to leverage for the benefits you bought it for. So, what do you have to do? One option is to buy the “managed services” from these tool vendors, which can make banks dependent on them.

Another option is to research other solutions that are out there. In addition to Cynet, our Infosecurity consulting services suggest reviewing Gartner’s list of EDR solutions and offerings from WBA Associate Members when completing your due diligence. Complete solutions like Cynet360 include the backing of the Cynet CyOps team without needing to pay extra, bolt on more products, or go looking for the 24x7x365 expertise of another managed provider. This doesn’t mean that you can’t still depend on a managed services provider for another layer of monitoring and managing, but are they independent if they also are who you need to be monitoring? There’s nothing wrong with leveraging the additional layer you’ve come to depend on, but at what added cost to get the independence and expertise like that of a CyOps team that is already baked into the Cynet360 solution? You will still need to explain to your auditor and examiners that you’ve learned the tool adequately enough to understand and generate independent reporting of the activities of the managed third party.

At least when you are answering that questionnaire for your cyber insurance coverage, you’ll be able to check off ‘Yes’ on several questions because you implemented a powerful, more advanced endpoint protection solution.

Shaurette is FIPCO director infoSecurity and audit. Contact him at kshaurette@fipco.com or 608-441-1251.

By Alex Paniagua

As banking operations have adapted to the demands of pandemic life (more remote work, broader digital interaction with third parties, etc.) institutions should reassess their defenses. Data breaches are on the rise despite the heavy security investments organizations make. If you are still relying on outdated antivirus protection solutions like signature-based architecture, your systems may be at risk.  

FIPCO offers a fully managed solution for Endpoint Detection and Response (EDR): Cynet 360.  

Cynet 360’s Sensor Fusion technology continuously ingests and analyzes endpoint, network, and user activity signals to deliver the world’s first autonomous breach protection platform, providing complete automation of monitoring and control, attack prevention and detection, and response orchestration.

Cynet’s autonomous breach protection solution defends your institution from complex, advanced attacks including malicious macros and exploits or redirection to malicious websites. This solution more accurately identifies suspicious and unauthorized activities than traditional antivirus solutions and enables a more proactive response and remediation of threats.  

Key benefits of Cynet 360 include:  

  • Speed: Fully operable within two clicks and auto-deploys on newly added machines with no human intervention  
  • Accuracy: Collects all core activity signals to gain clear insight into the unique context of each event, reducing false positives to a minimum  
  • Coverage: Airtight protection against all attack vectors that involve users, network files, and hosts  
  • Automation: The widest set of automated response workflows to any type of attack  
  • Backup: An elite team of 24/7 threat analysts and security researchers at Cynet’s Security Operations Center (SOC)

FIPCO and the Wisconsin Bankers Association are so confident in Cynet technology that it has been implemented at our offices, not simply to replace the traditional antivirus solution, but to enhance the overall security to better protect all endpoints. Cynet centralizes and automates breach protection across the entire environment.  

Is now a good time to replace your traditional antivirus solution? Call or email FIPCO Director – Information Security and Audit Ken Shaurette at 800-722-3498 ext. 251 or itservices@fipco.com today to take advantage of these services and ensure the safety and soundness of your business.  
 
Learn more at www.fipco.com/solutions/it-audit-security/autonomous-endpoint-protection.  

 

By Alex Paniagua

Cyberattacks on bank data, including ransomware incursions that can deny a financial institution access to its own digital information, are an increasing operational risk, an industry regulator and cybersecurity experts warn. 

While most have adapted to employees working remotely during the COVID-19 pandemic, banks need to be especially mindful as hackers more aggressively attempt to break into computer systems from various points of entry, they say. 

“Banks should remain vigilant concerning cybersecurity control and risk management practices as banks face continuous threats from cyber actors,” the Office of the Comptroller of the Currency stated in its autumn Semiannual Risk Perspective. “These actors have become less inhibited and more sophisticated with their knowledge of the financial institution operations and vulnerabilities in bank applications or systems.” 

In addition to exploiting system susceptibilities, cyber crooks are using exploitation methods like phishing emails and credential theft to compromise bank systems, and examiners continue to identify concerns with bank information technology security, the OCC said. 

The pandemic has made the situation worse. 

“Cyber criminals prey on fear and urgency and general mass concern. So the coronavirus, this global pandemic that we’re dealing with, really is the sweet spot for those folks – particularly in sending out mass phishing email scams,” said Jon Waldman, co-founder of SBS CyberSecurity, a Madison, South Dakota firm that works with many financial institutions. “One out of every three phishing scams today are COVID related.” 

Waldman said that during the March-through-April stretch when coronavirus fears initially peaked, there was a 667% rise in phishing emails in the U.S. 

Phishing – a technique in which a cyber thief sends emails in the hope of duping an unsuspecting victim into turning over private information like email or system passwords – often is the easiest route for busting into a data system. 

Rather than use a highly skilled hacker to try to break through a company’s firewall, organizations can send authentic-looking phishing emails that trick the recipient into clicking on a link that opens the door to a data takeover. 

“The weakest link is the person who hasn’t been informed well enough or trained well enough or educated well enough that you don’t click on links that were not expected,” said Ken Shaurette, director of info security and audit for the Madison-based bank services firm FIPCO. “I’ve seen some extremely crafty ones. They will even fool the experts when they’re well done. And one time is all it takes.” 

In one common ruse, a hacker infiltrates actual email accounts from a title company or real estate brokerage. The crooks might then send, for instance, an email to a homebuyer who is getting ready to close on a mortgage, telling him or her the location where funds should be wired has just changed. 

“It’s coming with an actual email address. You — as a homebuyer — how do you know that wasn’t legitimate?” Shaurette said. 

In its report, the OCC warned that the financial sector continues to see an increase in ransomware attacks with cyber actors using phishing emails as the main attack method. 

In a ransomware attack, the cyber crook finds a way into a company’s system and then encrypts important data and demands money, typically via Bitcoin, to provide a key that unlocks it.  

“Recently, cyber actors have elevated their tactics to not only target and encrypt bank data while compelling payment but also threaten to auction or publish customer information on the dark web,” the OCC said. 

Banks should have a clear understanding of the impact of a ransomware attack and the potential effects on the banks’ customers and third parties, the OCC said. Dealing with breaches often comes at great cost – both financial and to customer relations.  

“Given the nature of what they do, if banks can’t recover because they don’t have appropriate backup or secured backup systems in place, they are likely looking at a scenario of ‘Well, how do we get our data back?’ and that could include paying the ransom,” said Tom Wojcinski, a director in the risk advisory services practice of the Milwaukee-based accounting and consulting firm Wipfli. 

Although authorities say companies never should pay the ransom to regain access to their data, some do. 

“If nobody paid the ransom the market would evaporate and it would stop being a thing,” Wojcinski said. “But people are paying the ransom, so the cyber criminals are continuing to drive innovation of their ransomware. It’s getting better, it’s getting faster, it’s getting harder to detect.” 

Waldman said that when a ransomware group or an attacker gets into a network, they often go 40 to 60 days – and even up to 200 days – without being detected. 

“Which gives the bad guy a lot of time to steal information and then use that as leverage in order to force an additional ransomware payment,” Waldman said. “If you have that kind of leverage, that also means you can ask for more money, and if the company doesn’t pay the ransom, then they threaten to post the data.” 

What is a typical ransom demand to a business? 

“Probably at the beginning of 2019 the average was $30,000 to $50,000, and today it’s over $200,000 on average,” Waldman said. “If you’re a bigger company, then it’s usually seven figures.” 

Given the immense hassle and cost of dealing with a ransomware takeover – and many other types of cyber intrusion – prevention and detection are crucial. 

Experts say companies need to be especially wary during a time when more employees are working remotely instead of in a building where data systems are assumed secure. 

“It’s taking employees that were once on a ‘trusted’ system in their office and potentially moving them out to a personal computer that now has not had the same kinds of controls applied to it,” Shaurette said.  

Said Waldman: “Those folks that are working from home are still working with customer information on behalf of the bank, and there’s a big potential exposure there if they would click on a phishing email or get ransomware that goes back to the financial institutions. The big message is: make sure that you use these next few months to plan around securing your work-from-home folks.” 

What are some ways a bank can protect itself against cyber crooks? 

Use multiple data backups. Waldman stressed backing up data, not just with a cloud backup, but also by keeping a copy offline and not connected to the network – safely away from the clutches of criminals. 

“In almost every case that we’ve worked from a digital forensic incident response perspective, any time an organization has had to pay the ransom, it’s because they didn’t have good data backups,” Waldman said. 

Have a strong patch management system. Staying up to date on patches typically prevents many data breaches, Waldman said. 

Train employees to make sure they’re aware of threats. Wojcinski said banks need to “create a culture of security.” 

“When I say create a culture of security, I’m really thinking about how we need to instill professional skepticism in our end users,” Wojcinski said. “And we need people to really think twice to say, ‘Should I click this link? Should I process this wire transfer? Should I do this? Is that the right thing? Let’s ask for clarification.’” 

Use multi-factor authentication. Hackers can steal or buy email credentials. Having another way to make sure the people behind the account are who they say they are can head off trouble. 

Have strong passwords. “Passwords don’t need to be complex. They need to be long,” said Shaurette. “Passwords don’t need to be hieroglyphic. They need to be unique and they should be long – and by long, it should be 15 characters and plus. If I use three or four unrelated words, I’ve got a long password that nobody is likely to ever guess.” 

Use next-generation antivirus software. While traditional antivirus programs rely on a database of cyber threats, advanced antivirus software analyzes a file before it opens to see if it’s going to execute code in a way that appears to be malicious, Waldman said. 

Make sure your security system can quickly identify intruders. This will keep criminals from having extended time in a bank’s network and records, Waldman said. 

Even with preventive measures in place, “You still need to anticipate those will be circumvented or breached somehow,” Wojcinski said.

“We’ve got to have monitoring processes in place to identify suspicious network traffic as endpoint detection tools to look for anomalous processes running on workstations,” Wojcinski said. 

If banks build strong cybersecurity systems, compliance with regulators shouldn’t be an issue, Shaurette said. 

“If you’ve built based on strong industry standards and continue to mature it – it’s a journey, not a destination – you will be compliant to any regulation that ever comes along,” he said. 

FIPCO is a WBA subsidiary and a WBA Gold Associate Member. 

SBS CyberSecurity is a WBA Bronze Associate Member.

Wipfli is a WBA Silver Associate Member. 

By Alex Paniagua

The number of consumers and companies affected by cybercrimes continues to increase every year. It is estimated that cybersecurity incidents increased by 38 percent from 2014 to 2015, and the average cost incurred per stolen record was $154. As a result of 781 publicly acknowledged data breaches, over 169 million personal records were exposed.

The threat to your personal information continues to grow. October is Cybersecurity Awareness Month and is the perfect time to learn how to better protect yourself. The number one protection against cybercrime is an informed consumer.

#1: Use More Than One Password 
Many people use the same password for multiple accounts, which means that if your credentials are stolen for one account all your accounts are in jeopardy. Do you really want to give criminals access to your bank account because you used the same credentials for your free online music account?

#2: Use Stronger Passwords 
No matter how secure a financial institution or shopping website may be, if your password is easy to guess you are still at risk of fraud. Do not use your name, birthday or pet's name, as this information is readily available to many people, especially if you post it on social media. The best passwords are often derived from an entire phrase, rather than a single word, and incorporate letters, numbers and special characters. For example, the song lyric "Don't worry; be happy" can be transformed into this password: d0ntwry_Bhpy.

#3: Beware of phishing scams 
The dangerous thing about phishing scams is they don't rely on weak website or network security. Instead, they attempt to crack the human firewall: you. Phishing scams attempt to obtain personal information or plant a virus or malware on your device by sending a fake email requesting that information, or instructing the recipient to click a link in order to reset their account. 

Never give out your personal information over the Internet, phone, or via text message unless you know exactly who you are dealing with. If you receive a suspicious email from a business or charity and you're not sure if it's legitimate, close the email, open a new browser, visit their official website and contact them through their customer service. There is often an increase in phishing scam attempts after heavily publicized security breaches (pretending to offer account security) or natural disasters (fake charities), so be especially on guard in those situations. 

#4: Avoid using public Wi-Fi to Buy 
If you frequently shop online, keep in mind that any purchases made via the web require transmitting your credit card and/or bank account information over the Internet. Using a public Wi-Fi connection to do so puts that sensitive information at risk. Hackers can tap into unsecured Wi-Fi connections at hotspots like coffee shops and airport terminals to capture that information. If you're using a wireless connection to shop, be sure that it requires a password or WEP key. Websites that have additional security protections have https:// instead of http:// on all pages of the site.

#5: Monitor Your Credit Report 
Your credit score affects many aspects of your life, including interest rates on large purchases, obtaining loans, and even renting an apartment. Make sure you check your credit report three times per year (one for each of the three major credit reporting agencies: Experian, TransUnion and Equifax). You can do so for free by visiting www.annualcreditreport.com. Watch for unauthorized accounts, loans or purchases because they will damage your credit and signal that your identity may have been stolen. If you find inaccuracies in your report, you can dispute those errors online, by mail or over the phone by contacting the credit bureau where you found the inaccurate report (contact information will be on the report itself).

#6: Be careful what you throw away 
Dumpster diving doesn't just apply to paper statements and discarded credit cards anymore. Before you recycle or donate old cellphones or computers, be sure to remove any personal and financial information. For computers, the best way to do this is to use a wipe utility program to overwrite the entire hard drive. For mobile devices, check the owner's manual, service provider website, or device manufacturer's website for information on how to permanently delete information. In addition, remove the SIM card from the device. 

#7: Take Action 
If you hear about a data breach or other fraud that might possibly affect your account, be proactive and change any related passwords. This is especially critical if you use the same password on multiple accounts (which you should avoid doing anyway). If you notice suspicious charges on your credit card or transfers from your banking account, contact your bank right away to notify them of the issue. They may put a freeze on the account to prevent further fraud, but this will keep the criminals from emptying your account.

By Amber Seitz

Events

What do 36 hours, May 1, 2022, and computer security have in common? They are all elements of the new reporting requirement for cyber security and ransomware incidents. Will you be ready for the May 1 deadline?

AFTER THIS WEBINAR YOU’LL BE ABLE TO:

  • Implement appropriate practices to discover computer-security occurrences and determine whether they rise to the level of a notification incident
  • Identify critical timing requirements
  • Explain when notification is required to a primary federal regulator and to the banking organization
  • Assess if contractual notification provisions are consistent and compliant with the new law
  • Define a computer-security incident
  • Meet the 36-hour notification requirement after a notification incident

WEBINAR DETAILS
Computer-security incidents targeting the financial services industry have increased in frequency and severity in recent years. In an effort to promote early awareness of emerging threats, banking organizations and bank service providers are now required to comply with mandatory reporting requirements effective May 1, 2022. Proper identification of a triggering incident and timely reporting are critical actions imposed by this final rule.

The reporting requirements expand beyond a cyberattack and include additional types of non-malicious failure of hardware and software, such as a widespread user outage for customers and bank employees. It’s critical that your financial institution understands the various types of incidents that may trigger the notification requirements and develops the appropriate policies and procedures to fulfill the new requirements of this recently issued mandatory rule. Don’t let the 36-hour clock expire without meeting the notification requirement. Join us to learn the details of the final rule and receive recommendations on policies and procedures to assist with mandatory compliance reporting requirements.

Attendance certificate provided to self-report CE credits.

WHO SHOULD ATTEND?
This informative session would best suit compliance officers, information security officers, senior management, business continuity officers, and those responsible for oversight of critical third-party servicers.

TAKE-AWAY TOOLKIT

  • Checklist to aid in making required notification decisions
  • Required notification record
  • Fact sheet explaining the critical components of the final rule
  • Employee training log
  • Interactive quiz

PRESENTER – Molly Stull, Brode Consulting Services, Inc.
Molly Stull began her career as a teller while working on her undergraduate degree and has continued working in the financial industry ever since. She has experienced the growth of a hometown bank, branch mergers, charter changes, name changes, etc. Stull has activated business resumption plans, performed secondary market quality control reviews, processed wires, filed SARs, and coordinated reviews with external auditors and examiners. Her favorite role has always been educating staff, and she strongly believes that if staff understand the reason for a process they will be more compelled to follow the procedures. Stull holds a bachelor’s from the University of Akron and an MBA from Ashland University.

REGISTRATION OPTIONS

  • $245 Live Webinar Access
  • $245 On-Demand Access + Digital Download
  • $320 Both Live & On-Demand Access + Digital Download

Cybersecurity threats continue to rapidly evolve in sophistication and are occurring with increased frequency. Daily, we hear news about new data breaches, dangerous strains of malware, innovative hacking schemes, and targeted efforts of organized crime groups. In fact, cybersecurity news has become so pervasive that it’s not even shocking news to most people anymore. This session will provide detailed information on how to prevent the latest information security threats or ways to mitigate the latest vulnerabilities.

The discussion will include:

  • Network compromises and data breaches
  • ATM Jackpotting and unlimited operations
  • New internet-based vulnerabilities
  • Commercial account takeover
  • Business email compromise
  • Standards for protecting information systems (NIST, SANS, ISO)
  • Advanced controls to mitigate risk (DLP, SIEM, App Whitelisting, Next Gen Firewalls, Network Segregation, Incident Response, Continual Monitoring, Forensics)
  • How to tie standards and controls to the IT Risk Assessment and IT Audit Program

Target Audience:  Information security officer, IT manager, risk officer, internal auditor, CIO, and executives looking to better understand cybersecurity risks.

Presenter
SBS CyberSecurity, LLC

Registration Option
Live presentation $330

Recording available through July 22, 2022

The thing about Incident Response, just like Business Continuity (and insurance), is that we all hope the scenarios we know can happen never actually occur. However, the point of planning is to anticipate the bad things happening and have a plan to deal with those incidents, should they occur.

While it can be difficult to document a response for Incident Response scenarios that have never occurred, building out step-by-step scenarios into an Incident Response Playbook might just save your organization time, money, resources, or even the business itself if something bad does happen. How do you create your own Incident Response Playbook?

This presentation will cover the following areas/topics:

  • Regulatory requirements of an Incident Response Plan (IRP)
  • Components of a valuable IRP
  • Threat Assessments
  • What is an Incident Response Playbook?
  • Testing Your Incident Response Playbook
  • Using Your Playbook to improve your IRP

Target Audience: Information security officer, IT manager, risk officer, internal auditor, CIO.

Presenter
SBS CyberSecurity, LLC

Registration Options
Live presentation $330

Recording available through September 10, 2022

It’s time to shift our thinking when it comes to security awareness training. Yearly education and testing just doesn’t cut it in today’s cyber world. Security awareness is a topic we should have in front of our people on a much more consistent basis.

However, as we all know, creating a culture in any environment involves more than words or flipping a switch — it involves thoughtful and deliberate action across the organization, as well as accountability for that culture. Culture also has to start at the TOP of the organization, or it will be meaningless downstream. Overall, the goal of a Culture of Cybersecurity is to make security the first thing we think about, as opposed to the last.

Join us for this session, which will include:

  • Cyber Threats’ New Normal
  • People, Process, and Technology — which is the weakest link?
  • Compliance-based security awareness training
  • Proactive Security Awareness Training
  • Building an Effective Security Awareness Training Program
    • Directors/Executive Management
    • Employees
    • Customers
  • Topical training ideas
  • Why accountability matters most

Target Audience: Incident response team, information security officer, IT manager, risk officer, internal auditor, and IT focused staff.

Presenter
SBS CyberSecurity, LLC

Registration Options
Live presentation $330

Recording available through August 13, 2022

The FFIEC released a complete re-write of the Business Continuity Planning booklet back in November 2019 titled Business Continuity Management. In addition to changing the title from Business Continuity Planning to Business Continuity Management, the booklet initially focuses on the principles and practices for managing continuity and resiliency as well as regulatory expectations for resiliency with third party service providers. In addition to business resiliency with third parties, the institution’s resilience through an enterprise risk management (ERM) perspective is addressed. ERM takes technology, operations, communication, training, testing, and maintenance into consideration. Have you updated your plan to address the new booklet? This webinar will provide recommendations on how to update your plan to meet regulators’ expectations.

What You Will Learn

  • Roles and responsibilities
  • Business impact analysis
  • Risk assessment process
  • Business resiliency
  • Third party resiliency
  • Training
  • Testing

Who Should Attend?
Information security and cybersecurity officers, IT managers, risk management officers, internal auditors, senior management, or anyone looking to gain insight into the business continuity planning process and FFIEC updates.

Presenter
Susan Orr is a leading financial services expert with vast regulatory, risk management, and security best practice knowledge and expertise.

As an auditor and consultant, Orr is dedicated to assisting financial institutions in implementing appropriate policies and controls to protect confidential information and comply with regulatory mandates and best practices. Her expertise as an auditor and former examiner provides her the knowledge and expertise to conduct comprehensive IT general control and data security reviews and assist banks in developing and updating policies and procedures and risk assessments, performing third party risk management, and facilitating testing and training. Orr is a certified information systems auditor (CISA), certified information security manager (CISM), and certified in risk and information systems control (CRISC).

Registration Options

  • Live Plus Five (days) – $265
  • OnDemand Recording – $295
  • CD-ROM – $345
  • Live Plus Six (months) – $365
  • Premier Package – $395

Being the information security officer for a financial institution is a big responsibility in today’s world of cyber threats and data breaches. This webinar is for those who are new to the role or have been the ISO for some time but want to review what is expected and how to be successful. As the ISO, part of your responsibility is building and maintaining the Information Security Program. While it has many important elements, there are really 3 basic components: risk assessment, ISP policies and procedures, and audit. The risk assessment will help you make decisions, the policies and procedures document the decisions for your institution to implement, and audit verifies that they have been completed and are adequate controls to protect your institution.

Building a strong Information Security Program is a fundamental component to a successful ISO. We will review various regulatory guidance that outlines ISO responsibilities and reporting structures. Additionally, we will review various educational paths that can help develop your skills in the future.

What You Will Learn

  • FFIEC Roles and Responsibilities of the ISP
  • Building a Strong Cybersecurity Culture
  • Board Reporting
  • Educational and Certification Paths
  • Strong Risk Assessment Methodology
  • Creating your ISP with Policies and Procedures

Who Should Attend?

Information security officers, IT managers, risk officers, internal auditors, board members, or other management team members looking to more clearly define the roles of an information security officer to better enable success.

Presenter
Jeff Spann is an SVP information security consultant for SBS CyberSecurity, LLC of Madison, SD. He is a certified information systems auditor and an instructor for the certified banking security manager (CBSM) course, and has seven years of IT auditing and consulting experience and ten years’ experience as a bank CIO and ISO.

Registration Options

  • Live Plus Five (days) – $265
  • OnDemand Recording – $295
  • CD-ROM – $345
  • Live Plus Six (months) – $365
  • Premier Package – $395

On November 18th, 2021, the FDIC, Federal Reserve, and OCC jointly published a final rule that imposes a new 36-hour notification requirement on banking organizations and bank service providers following significant cybersecurity incidents. While this new requirement is certainly a big deal, the rule comes with some caveats and more clearly defined standards for reporting.

What You Will Learn:

  • The definitive requirements of the new Incident Notification Rule
  • Definitions of “Incident” and “Notification Incident” specified in the Rule
  • Actions to take immediately
  • How does this new Rule affect the rest of your Incident Response Program
  • Components of an IRP that help achieve the new Rule requirements

Who Should Attend?
Information security officers, IT Managers, risk officers, internal auditors, Board members, or other management team members looking to understand risks from ransomware.

Presenter
Jon Waldman is a co-founder and Senior Information Security Consultant for SBS CyberSecurity, a premier cybersecurity consulting and audit firm dedicated to making a positive impact on the banking and financial services industry. He maintains his CISA and CRISC certifications and received his bachelor of science in computer information systems and his master of science in information assurance with an emphasis in banking and finance security from Dakota State University. Over the last ten years Waldman has helped hundreds of financial institutions across the country create and implement comprehensive, valuable, and manageable Information Security Programs. He also conducts webinars and certification programs for the SBS Institute.

Registration Options

  • Live Plus Five (days) – $265
  • OnDemand Recording – $295
  • CD-ROM – $345
  • Live Plus Six (months) – $365
  • Premier Package – $395

A financial institution’s Board of Directors has the ultimate responsibility for securing customer information, as well as the responsibility for approving financial investments into cybersecurity, creating accountability throughout the institution for security operations, and setting clear expectations for management. The trouble with all that, however, is that the Board of Directors has not historically included a lot of technical or security expertise, which can limit the understanding of information and cyber security at their organizations.

So what do the Board of Directors and Executives most need to understand about information and cyber security? How can the Board improve its oversight of its own ISP? Let’s discuss.

This presentation will cover the following areas/topics:

  • Trends in cybersecurity
  • Cybersecurity regulatory expectations of the Board
  • The biggest challenges facing the Board and cybersecurity
  • A framework for asking better questions
  • IT Risk = Lending Risk
  • Most important things for the Board to know about IT/IS Risk
  • Add technical/cybersecurity expertise to the Board
  • Setting a culture of security

Target Audience:  Board members, executive team, and managers responsible for information security. Both board members and information security professionals will benefit from this session. Board and senior executives will receive a basic review of cybersecurity and a strong information security program, plus questions to ask of management. Members of the management team will benefit from a better understanding of what the board needs to know, how to communicate it, and tips in creating a strong culture.

Presenter
SBS CyberSecurity, LLC

Registration Option
Live presentation $330

Recording available through June 25, 2022

When you arrive at work today, your computer screen shows a message asking for $52,000 to access your files, and you have 48 hours to pay or you lose your data. Does this scenario keep you up at night? It sure has kept the employees of the City of Atlanta up most nights in the second quarter of 2018 as they recovered from a SamSam ransomware infection that shut down a significant portion of their network for months. In the case of shipping company Maersk, they lost over $200 million from the NotPetya ransomware attack. They were required to conduct a complete infrastructure overhaul, which included the reinstallation of 4,000 servers and 45,000 PCs according to a ZDNet article. If you recall, the 2017 NotPetya ransomware attack never had a successful payment mechanism to get your data back. It resulted in the complete destruction of systems for thousands of businesses in eastern Europe.

Ransomware is evolving from a wallet-stealing threat to a weapon of mass destruction that has the power to cripple businesses or even countries. Ransomware has taken many different directions over the past few years as it finds its place as a major threat to our businesses. Join us in this discussion to learn about trending issues with ransomware and best practices to prepare for an attack.

Topics for Discussion:

  • Regulatory guidance and expectations
  • Trend attack types
  • Infection process
  • Lessons learned
  • Best practices
  • Ransom payment methods
  • Free Ransomware Toolkit

Target Audience: Information security officer, IT manager, risk officer, internal auditor, board members, or other management team members looking to understand risks from ransomware.

Presenter
SBS CyberSecurity, LLC

Registration Option
Live presentation $330

Recording available through May 18, 2022

Explore the fundamental building blocks of a repeatable framework for cybersecurity and information security issues. Your information security program can be more than a document created for compliance. We will help develop a program that provides your institution with clear direction and guidance that meets and exceeds regulatory expectations while addressing real-world risks.

Some bank programs implemented today are a collection of documents pulled together over the years that exist primarily to satisfy regulatory requirements. The Information Security Program should be a coordinated set of policies that work together to implement a unified set of controls across the organization: a daily playbook used by employees to fight cybercrime, not a collection of documents to satisfy auditors and examiners.

Discussion Topics

  • Regulatory Requirements
  • Purpose of repeatable cybersecurity frameworks
  • Program Basics for a solid framework
  • Detailed explanation of framework components
  • Next steps for a comprehensive, valuable, repeatable framework
  • Making decisions with the framework
  • See new issues and technologies automatically handled by a solid framework

Target Audience
Incident response team, information security officer, IT manager, risk officer, internal auditor, and IT focused staff members

Presenter
SBS CyberSecurity, LLC

Registration Option
Live presentation $330

Recording available through April 28, 2022