Critical Cybersecurity Focus Areas for 2020 OnDemand with Live Streaming

Attend the Critical Cybersecurity Focus Areas for 2020 from the convenience of your own home or office via Live Streaming Video as it happens on Wednesday, May 27th (9:00 am – 4:00 pm Central Time), or after the event with 6 months of OnDemand playback.

2020 has been an interesting and challenging year so far for financial institutions, but if there's one thing we've learned, it's that cybersecurity doesn't take a back-seat to anything - pandemic or otherwise - especially when you rely on technology to provide services to your customers. Join us for this one-day, streaming Cybersecurity session to discuss four important and relevant cybersecurity topics, along with a ton of great risk-mitigating takeaways to consider implementing at your institution.

Covered Topics

You are a Technology Company - This section we will discuss how to embrace your technology company status at your institution as well as:

  • Embracing Your Technology Company Status
  • Changing Your View of Cybersecurity
  • Acting Like a Technology Company

How to Build Out an Incident Response Playbook - Incident Response has never been more important; make sure it's working for you including a review of:

  • Regulatory requirements of an Incident Response Plan (IRP)
  • Components of a valuable IRP
  • Threat Assessments
  • What is an Incident Response Playbook?
  • Testing Your Incident Response Playbook

Use Your Vendor Management Program to Help You Make Better Decisions - what are the biggest decisions you need to make from your Vendor Management Program? We will cover:

  • Regulatory Vendor Management Guidance over the years
  • Requirements for compliance-based Vendor Management
  • Building a Modern Vendor Management Program
  • Other ways to manage Vendor Risk
  • Other tools to review Vendor security
  • Supply Chain Management/4th Party Management

Testing Your ISP in 2020 - what are the modern ways to make sure you are doing what your ISP says you should be doing, and is it enough? This final section will go over:

  • People, Process, and Technology
  • Minimum Requirements for Testing Your ISP
  • Best Practices for Testing Your ISP
  • Reactive Testing vs. Proactive Testing
  • Additional Security Testing to Consider

Who Should Attend?

Information Security Officers, IT Directors, Risk Managers, Auditors, Directors, or other management team members wanting more information regarding FFIEC requirements and expectations will benefit from attending this program.