Schedule

9:00 a.m.         MORNING SESSIONS

   Duties of the ISO:  What Must be Done and What is a                        Waste of Time

                         Regulatory Expectations & Hot Buttons:  Which Way the       Examination Winds are Blowing in 2020

                         Programs, Policies, and Risk Assessments:  Tackling           Complexity with Simplicity

                         Risk Mitigation Best Practices

Noon                Lunch/Peer Networking

1:00 p.m.        AFTERNOON SESSIONS

   Audit & Exam Prep: How the ISO Can Help

                        Current Cybersecurity Best Practices, Threats, & Case                                Studies

                        Incident Response:  Oh Shoot!  We’ve Been Hacked!

                        Customer Response:  One Chance to Get it Right

                        Vendor Management Made Easier

                        Reporting to the Board (and Training Them) Without                                    Inducing Sleep

4:00 p.m.        Adjourn  

Session Highlights

1.       Information Security Defined

2.       The Importance of Board Oversight

3.       Senior Management Responsibilities

4.       The Role of the ISO

5.       Legal and Regulatory Issues

6.       Gramm-Leach-Bliley Act (GLBA) Compliance

7.       Anatomy of the Information Security Program

8.       Performing the Information Security Risk Assessment

9.       Audit’s Role in Testing Mitigating Controls

10.   The ISO’s Role in Enterprise Risk Management (ERM)

11.   Developing and Delivering a Powerful Security Awareness Program

12.   Understanding Current Security Threats

13.   Security Best Practices

14.   Security Monitoring

15.   Incident Response

16.   Customer Response Program

17.   Information Disposal

18.   Engaging an Effective IT Audit

19.   Cybersecurity Issues

a.       FFIEC Cybersecurity Assessment Tool (CAT)

b.      Bank-specific Cybersecurity Risk Assessment

c.       Cybersecurity Assessment (in conjunction with IT Audit)

d.      Penetration Testing

e.      Vulnerability Scanning

f.        Social Engineering

20.   Service Provider Oversight

21.   Reporting to the Board of Directors or the Audit Committee

Who Should Attend?

This session will appeal to Information Security Officers (ISOs), chief risk officers, auditors, compliance officers, technology & operations management, chief financial officers, board members, and anyone else responsible for information security or cybersecurity preparedness.

 

Instructors

Learn from three of the most experienced people in the industry.  As consultants who are doing this work in client banks every week, your instructors can discuss practice, not just theory.  Get expert interpretation, not just a reading of the regulations.  Find out how information security incidents have been handled in banks across the nation and how you can protect your bank and mitigate information security risk effectively and affordably. 

CPE and Certificate

Receive 6 hours of Continuing Professional Education (CPE) credits and a certificate of completion for this program.

Paul W. Barret, Jr. School of Banking is registered with the National Association of State Boards of Accountancy (NASBA), as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be addressed to the National Registry of CPE Sponsors, 150 Fourth Avenue North, Suite 700, Nashville, TN 37219-2417. Web site: www.nasba.org.

The Barret School of Banking offering of Information Security Officer Education a “group-live” advanced level program for bankers and other financial professionals. No advanced preparation or other prerequisites are required for enrollment. Admission guidelines are stated on the application. For more information regarding administrative policies such as complaint or refund, please contact the School office at 901-321-4000.  Participants will receive 6 hours of Continuing Professional Education (CPE) credit for this program.

Note:  This is a Sawyers & Jacobs LLC event presented for bankers and examiners only.  

All content and materials (in print and electronic formats) are copyrighted and represent the intellectual property of Sawyers & Jacobs LLC.  Any content or materials from this event are not to be reproduced or distributed, in any form.  Individual handouts will be provided to paid registrants.  Such handouts are for their use only and are not to be copied or shared with other banks or any other third-party. 

© 2020, Sawyers & Jacobs LLC, All Rights Reserved.