
25 Baseline Controls Banks Struggle to Implement


OnDemand
Recorded Tuesday, April 20th, 2021
Presented by Shane Daniel
2h total length
$279.00 or 1 Token

Includes: 30 Days OnDemand Playback, Presenter Materials and Handouts

  • Risk Management/Legal
  • Board Member
  • Compliance Officer
  • Internal Auditor
  • IT Professional
  • Privacy Officer/Information Security Professional
  • Security Officer


The FFIEC Cybersecurity Assessment process is here to stay. At a minimum, most regulators are requiring financial institutions to complete an assessment on an annual basis. This process includes a review of an institution’s Inherent Risk Level, identification of currently implemented controls to reduce risk, and a gap analysis to identify additional controls needed to reach the institution’s desired risk appetite.

Over 1200 financial institutions have completed their Cybersecurity Assessment using our complementary assessment solution. SBS has analyzed the results and identified the top 25 most common baseline controls not implemented by financial institutions. These are controls that financial institutions MUST complete regardless of their inherent risk score. This session reviews these 25 controls, as well as practical solutions your institution can use to implement these controls. We will also discuss the next steps beyond the assessment to provide a comprehensive cybersecurity framework which institutions can repeatedly follow.

What You'll Learn

  • FFIEC Guidance
  • Inherent Risk Assessment Process
  • Cyber Maturity Process
  • Top 25 Controls
  • Remediation Ideas
  • Tracking Progress on Controls

Who Should Attend

Information Security Officer, IT Manager, Risk Officer, Internal Auditor, CIO, and Executives looking to understand the Cybersecurity Assessment process, common weaknesses in controls, and how to address them.


Shane Daniel

Instructor Bio

Shane Daniel is a Senior Information Security Consultant for SBS CyberSecurity, where he works to help organizations identify and understand cybersecurity risks to allow them to make better and more informed business decisions.

As a former community bank internal auditor and compliance officer, Shane has over 27 years of experience helping financial institutions manage risk and profitability. He is driven to be an expert in his field by maintaining a variety of premier industry certifications, including Certified Public Accountant (CPA), Certified Information Systems Auditor (CISA), Certified in the Governance of Enterprise IT (CGEIT), Certified in Risk and Information Systems Control (CRISC), and Certified Internal Auditor (CIA). Shane specializes in risk management, information technology audit, Bank Secrecy Act independent testing, compliance management, information security, and internal audit outsourcing.