Cybersecurity Guidance for Small Firms Thursday, November 8 9:00 a.m. 10:00 a.m.

Size: px
Start display at page:

Download "Cybersecurity Guidance for Small Firms Thursday, November 8 9:00 a.m. 10:00 a.m."

Transcription

1 Cybersecurity Guidance for Small Firms Thursday, November 8 9:00 a.m. 10:00 a.m. It is crucial that small financial firms take proper cybersecurity measures to protect their customers and their firm. During this session, panelists provide risk-based, threat-informed effective practices applicable to small firms and supportive of their overall business model to increase their security and ensure the protection of customer and firm data. Moderator: Gregory Markovich Regulatory Principal, Sales Practice FINRA Chicago District Office Panelists: Jay Copeland Vice President, Information Systems and Technology The Strategic Financial Alliance, Inc. Tyler Gray Chief Operating Officer MicroVenture Marketplace, Inc. Paul Welding Vice President of Technical Operations Institutional Cash Distributors (ICD) 2018 Financial Industry Regulatory Authority, Inc. All rights reserved. 1

2 Cybersecurity Guidance for Small Firms Panelist Bios: Moderator: Greg Markovich joined FINRA on February 1, 2016, as Regulatory Principal and he is currently responsible for leading cybersecurity examinations and providing security consultation and training for other staff. Prior to joining FINRA, Mr. Markovich has 30 years of information technology (IT) and security experience working at two investment management firms including Capital Group American Funds, and American Century Investments. His leadership roles at these firms included responsibility for information security, risk management, identity access management, and disaster recovery. Mr. Markovich also has experience leading applications development and infrastructure support teams. In addition to having an MBA degree from the University of Missouri, Mr. Markovich has several security certifications including a certified Information Systems Security Professional (CISSP) and a Certified Information Security Manager (CISM) certification. Panelists: Jay Copeland is Vice President, Information Systems and Technology for The Strategic Financial Alliance, Inc. and Strategic Blueprint, LLC. and the Chief Information Security Officer for SFA Partners, Inc. and The SFA, Inc. Mr. Copeland is responsible for all aspects of IT, including systems, servers, network administration and cybersecurity for the broker dealer. Prior to The SFA, Mr. Copeland spent four years as the IT Manager for the marine electronics division of Johnson Outdoors, Inc. overseeing IT systems and technology in Georgia, Alabama and Canada. Prior to Johnson Outdoors, Mr. Copeland was Director, Information Technology of TSYS, an international credit card processing company for six years. As head of Service Delivery for TSYS Distribution Technologies, Mr. Copeland was responsible for IT project management and PCI compliance for all client facing, revenue generating systems. Mr. Copeland was also the Information Technology Manager of Tom s Foods, Inc., a nationally recognized snack food manufacturer, for 16 years prior to joining TSYS. Tyler Gray is Chief Operating Officer for MicroVenture Marketplace Inc., an equity crowdfunding investment platform located in Austin, Texas. In this role, he oversees many aspects of the Firm including overall corporate strategy, business development, back-office operations, platform development, marketing/advertising, and finance. He has been with the Firm since 2013 and has held various executive roles including Chief Compliance Officer. He holds a BA in Economics from Michigan State University and an MBA with a concentration in Accounting from St. Edward s University. Additionally, he holds the Series 7, 9, 10, 24, 27, 63 and 99 licenses. Paul Welding joined Institutional Cash Distributors in 2018 as the VP of Technical Operations and leads the IT and Cybersecurity groups. He has 25 years of experience in the IT industry, and has spent the last 10 years delivering secure software products and services for companies in the Defense, Finance and Cybersecurity industries. He helped deliver a large satellite imagery-processing platform secured at the Top Secret level to help our warfighters. He has previously held positions at LogRhythm, Sun Microsystems and Bell Laboratories Financial Industry Regulatory Authority, Inc. All rights reserved. 2

3 2018 Small Firm Conference November 7-8, 2018 Santa Monica, CA Cybersecurity Guidance for Small Firms

4 Panelists Moderator Gregory Markovich, Regulatory Principal, Sales Practice, FINRA Chicago District Office Panelists Jay Copeland, Vice President, Information Systems and Technology, The Strategic Financial Alliance, Inc. Tyler Gray, Chief Operating Officer, MicroVenture Marketplace, Inc. Paul Welding, Vice President of Technical Operations, Institutional Cash Distributors (ICD) 1

5 To Access Polling Under the Schedule icon on the home screen, Select the day, Choose the Cybersecurity Guidance for Small Firms session, Click on the polling icon: 2

6 Topics Cybersecurity threats How small firms handle cybersecurity Process, Tools, and Resources How to secure incoming and outgoing Security for remote offices and RRs External Risk Assessments (Penetration Testing) Cybersecurity Governance Questions from audience/participants 3

7 Poll Question 1 1. What type of cybersecurity attacks or incidents has your firm experienced in the last six months? a. (e.g., phishing, malware, viruses) b. Internet Site (e.g., probing, scanning, injections) c. Account Compromise (e.g., clearing system, , etc.) d. Multiple of the above e. None of the above 4

8 Cybersecurity Attacks, Threats, and Prevention Why is it important: The frequency and sophistication of cybersecurity threats and attacks is increasing. Financial firms and individual broker-dealers are at risk. Firms must take steps to prevent attacks and monitor their environment. Effective Practices: Written policies and procedures to protect customer information Governance Framework and Risk Management (identify, assess, manage) Technical Controls Vendor Management Training Monitoring and Incident Management 5

9 Financial Service Firms Common Threats Threats: Phishing - #1 threat for financial firms as observed by FINRA Ransomware Account Takeover Wire Fraud DDoS Attacks Malware Virus Insider Threat Spam Others.. 6

10 Poll Question 2 2. How many people at your firm (employees and/or contractors) support your cybersecurity program or controls? a. 1 to 2 b. 3 to 5 c. 5 to 10 d. Greater than 10 e. Don t Know 7

11 Cybersecurity Controls and Monitoring 8

12 Poll Question 3 3. Does your firm provide a method to encrypt sensitive information in outgoing s? a. Yes using a button or a keyword on the subject line b. Yes s are scanned and automatically encrypted c. No there isn t a method for sending encrypted s d. Don t Know 9

13 Statistics* Over 75 trillion s will be sent in billion s are sent each day Average of s per person per day Over 4 billion addresses worldwide became the top cyber attack method in 2014 FINRA firms rely heavily on for B/D Operations *Statistics from Phishing Dark Waters, Wiley Publications 10

14 Risks information lost or stolen credentials stolen hacker can see account info, money transfer instructions Sender not correct Spoofing Phishing, Spear Phishing, Whaling Malware (virus, ransomware, key logger) 11

15 Poll Question 4 4. Has your firm conducted a penetration test of your website in the last 12 to 18 months? a. Yes We have conducted a penetration test b. No But we are planning to in the next 3 to 6 months c. N/A Do not have an internet site or the site is content only d. Don t Know 12

16 Types of Penetration Testing Network Website Wireless Network Physical Site Social Engineering Cloud 13

17 External Risk Assessment Penetration Testing Penetration Testing Steps: Define Scope Planning and reconnaissance Scanning Gaining Access (optional) Analysis and write report Present and discuss results 14

18 Cybersecurity Governance Resources assigned and overall cybersecurity program governance Leaders, resources, and organization Information security roles defined Governance groups and process Senior leadership / Board involvement) Firm s controls and processes to manage cyber-related risks Policies, standards, and procedures Internal and External Audit s role 15

Plenary Session: Branch Cybersecurity Controls Thursday, February 22 1:15 p.m. 2:15 p.m.

Plenary Session: Branch Cybersecurity Controls Thursday, February 22 1:15 p.m. 2:15 p.m. Plenary Session: Branch Cybersecurity Controls Thursday, February 22 1:15 p.m. 2:15 p.m. Cybersecurity is a top priority for the financial services industry. Firms dedicate significant resources every

More information

Steps to Take Now to be Ready if Your Organization is Breached Thursday, February 22 2:30 p.m. 3:30 p.m.

Steps to Take Now to be Ready if Your Organization is Breached Thursday, February 22 2:30 p.m. 3:30 p.m. Steps to Take Now to be Ready if Your Organization is Breached Thursday, February 22 2:30 p.m. 3:30 p.m. The cyber threats are no longer a question of if, but when, a breach will occur. It is important

More information

Vice President and Chief Information Security Officer FINRA Technology, Cyber & Information Security

Vice President and Chief Information Security Officer FINRA Technology, Cyber & Information Security Plenary Session: Cybersecurity the Current Regulatory Environment: Insight from Regulators and Industry Experts Thursday, February 22 3:45 p.m. 4:45 p.m. With recent high-profile data breaches, cybersecurity

More information

Chief Compliance Officer s (CCO s) Role in Cybersecurity Thursday, February 22 10:00 a.m. 11:00 a.m.

Chief Compliance Officer s (CCO s) Role in Cybersecurity Thursday, February 22 10:00 a.m. 11:00 a.m. Chief Compliance Officer s (CCO s) Role in Cybersecurity Thursday, February 22 10:00 a.m. 11:00 a.m. Increased use of technologies such as mobile devices, social media and cloud computing has increased

More information

Cybersecurity: Ongoing Challenges and Increasing Threats (Medium and Large Firm Focus) Wednesday, May 25 10:00 a.m. 11:00 a.m.

Cybersecurity: Ongoing Challenges and Increasing Threats (Medium and Large Firm Focus) Wednesday, May 25 10:00 a.m. 11:00 a.m. Cybersecurity: Ongoing Challenges and Increasing Threats (Medium and Large Firm Focus) Wednesday, May 25 10:00 a.m. 11:00 a.m. Hear about the latest IT security threats to your clients and to your practice.

More information

Operations & Technology Seminar. Tuesday, November 8, 2016 Crowne Plaza Monroe, Monroe Township, NJ

Operations & Technology Seminar. Tuesday, November 8, 2016 Crowne Plaza Monroe, Monroe Township, NJ Operations & Technology Seminar Tuesday, November 8, 2016 Crowne Plaza Monroe, Monroe Township, NJ Operations & Technology Roundtable Crowne Plaza Monroe, Monroe Township, NJ Tuesday, November 8, 2016

More information

10 Cybersecurity Questions for Bank CEOs and the Board of Directors

10 Cybersecurity Questions for Bank CEOs and the Board of Directors 4 th Annual UBA Bank Executive Winter Conference February, 2015 10 Cybersecurity Questions for Bank CEOs and the Board of Directors Dr. Kevin Streff Founder, Secure Banking Solutions 1 Board of Directors

More information

CYBER FRAUD & DATA BREACHES 16 CPE s May 16-17, 2018

CYBER FRAUD & DATA BREACHES 16 CPE s May 16-17, 2018 CYBER FRAUD & DATA BREACHES 16 CPE s May 16-17, 2018 Cyber fraud attacks happen; they can t all be stopped. The higher order question must be how can we, as fraud examiners and assurance professionals,

More information

SALARY $ $72.54 Hourly $3, $5, Biweekly $8, $12, Monthly $103, $150, Annually

SALARY $ $72.54 Hourly $3, $5, Biweekly $8, $12, Monthly $103, $150, Annually SALARY $49.72 - $72.54 Hourly $3,977.88 - $5,803.27 Biweekly $8,618.75 - $12,573.75 Monthly $103,425.00 - $150,885.00 Annually ISSUE DATE: 03/21/18 THE POSITION DIRECTOR OF CYBER SECURITY OPEN TO THE PUBLIC

More information

DHG presenter. August 17, Addressing the Evolving Cybersecurity Landscape. DHG Birmingham CPE Seminar 1

DHG presenter. August 17, Addressing the Evolving Cybersecurity Landscape. DHG Birmingham CPE Seminar 1 Addressing the Evolving Cybersecurity Tom Tollerton, CISSP, CISA, PCI QSA Manager Cybersecurity Advisory Services DHG presenter Tom Tollerton, Manager DHG IT Advisory 704.367.7061 tom.tollerton@dhgllp.com

More information

Cyber Security. February 13, 2018 (webinar) February 15, 2018 (in-person)

Cyber Security. February 13, 2018 (webinar) February 15, 2018 (in-person) Cyber Security Presenters: - Brian Everest, Chief Technology Officer, Starport Managed Services - Susan Pawelek, Accountant, Compliance and Registrant Regulation February 13, 2018 (webinar) February 15,

More information

Defensible Security DefSec 101

Defensible Security DefSec 101 Defensible Security DefSec 101 Security Day November 2017 Information Security Branch Paul Falohun Senior Security Analyst Dan Lathigee Senior Project Manager Content 1 Introduction 2 DefSec for PSO 3

More information

Effective Practices for Insider Threats and Third-Party Risk Management Thursday, February 22 10:00 a.m. 11:00 a.m.

Effective Practices for Insider Threats and Third-Party Risk Management Thursday, February 22 10:00 a.m. 11:00 a.m. Effective Practices for Insider Threats and Third-Party Risk Management Thursday, February 22 10:00 a.m. 11:00 a.m. Financial institutions are subject to threats on multiple fronts. Two threats of significant

More information

Cyber Security in M&A. Joshua Stone, CIA, CFE, CISA

Cyber Security in M&A. Joshua Stone, CIA, CFE, CISA Cyber Security in M&A Joshua Stone, CIA, CFE, CISA Agenda About Whitley Penn, LLP The Threat Landscape Changed Cybersecurity Due Diligence Privacy Practices Cybersecurity Practices Costs of a Data Breach

More information

CYBERSECURITY HOW IT IS TRANSFORMING THE IT ASSURANCE FIELD

CYBERSECURITY HOW IT IS TRANSFORMING THE IT ASSURANCE FIELD CYBERSECURITY HOW IT IS TRANSFORMING THE IT ASSURANCE FIELD December 2014 KEVIN GROOM ISACA Involvement (Middle Tennessee Chapter) Treasurer (2009 2011) Vice President (2011 2013) President (2013 present)

More information

Florida Government Finance Officers Association. Staying Secure when Transforming to a Digital Government

Florida Government Finance Officers Association. Staying Secure when Transforming to a Digital Government Florida Government Finance Officers Association Staying Secure when Transforming to a Digital Government Agenda Plante Moran Introductions Technology Pressures and Challenges Facing Government Technology

More information

2017 Annual Meeting of Members and Board of Directors Meeting

2017 Annual Meeting of Members and Board of Directors Meeting 2017 Annual Meeting of Members and Board of Directors Meeting Dan Domagala; "Cybersecurity: An 8-Point Checklist for Protecting Your Assets" Join this interactive discussion about cybersecurity trends,

More information

NYDFS Cybersecurity Regulations

NYDFS Cybersecurity Regulations SPEAKERS NYDFS Cybersecurity Regulations Lisa J. Sotto Hunton & Williams LLP (212) 309-1223 lsotto@hunton.com www.huntonprivacyblog.com March 9, 2017 The Privacy Team at Hunton & Williams Over 30 privacy

More information

Technology Risk Management in Banking Industry. Rocky Cheng General Manager, Information Technology, Bank of China (Hong Kong) Limited

Technology Risk Management in Banking Industry. Rocky Cheng General Manager, Information Technology, Bank of China (Hong Kong) Limited Technology Risk Management in Banking Industry Rocky Cheng General Manager, Information Technology, Bank of China (Hong Kong) Limited Change in Threat Landscape 2 Problem & Threats faced by Banking Industry

More information

Cybersecurity The Evolving Landscape

Cybersecurity The Evolving Landscape Cybersecurity The Evolving Landscape 1 Presenter Zach Shelton, CISA Principal DHG IT Advisory Zach.Shelton@DHG.com Raleigh, NC 14+ years of experience in IT Consulting 11+ years of experience with DHG

More information

How Secure is Blockchain? June 6 th, 2017

How Secure is Blockchain? June 6 th, 2017 How Secure is Blockchain? June 6 th, 2017 Before we get started... This is a 60 minute webcast For better viewing experience, close all other applications For better sound quality, please use headphones

More information

Cybersecurity for Service Providers

Cybersecurity for Service Providers Cybersecurity for Service Providers Alexandro Fernandez, CISSP, CISA, CISM, CEH, ECSA, ISO 27001LA, ISO 27001 LI, ITILv3, COBIT5 Security Advanced Services February 2018 There are two types of companies:

More information

SECOPS: NAVIGATE THE NEW LANDSCAPE FOR PREVENTION, DETECTION AND RESPONSE

SECOPS: NAVIGATE THE NEW LANDSCAPE FOR PREVENTION, DETECTION AND RESPONSE SESSION ID: SBX4W5 SECOPS: NAVIGATE THE NEW LANDSCAPE FOR PREVENTION, DETECTION AND RESPONSE Dara Such VP & Publisher, Security Networking and IoT TechTarget @darasuch What we ll cover today State of SecOps:

More information

Sage Data Security Services Directory

Sage Data Security Services Directory Sage Data Security Services Directory PROTECTING INFORMATION ASSETS ENSURING REGULATORY COMPLIANCE FIGHTING CYBERCRIME Discover the Sage Difference Protecting your business from cyber attacks is a full-time

More information

2018 IT Priorities: Cybersecurity, Cloud Outsourcing & Risk Management. Follow Along

2018 IT Priorities: Cybersecurity, Cloud Outsourcing & Risk Management. Follow Along 2018 IT Priorities: Cybersecurity, Cloud Outsourcing & Risk Management Today s Speakers Olivia Munro Senior Marketing Specialist Eze Castle Integration Bob Shaw Director, Technical Architecture Eze Castle

More information

Standing Together for Financial Industry Resilience Quantum Dawn IV after-action report June 2018

Standing Together for Financial Industry Resilience Quantum Dawn IV after-action report June 2018 Standing Together for Financial Industry Resilience Quantum Dawn IV after-action report June 2018 Contents Background 3 Exercise objectives 4 Day 1 Cyber-range exercise 5 Day 2 Cyberattack scenario 6-7

More information

CISO as Change Agent: Getting to Yes

CISO as Change Agent: Getting to Yes SESSION ID: CXO-W02F CISO as Change Agent: Getting to Yes Frank Kim Chief Information Security Officer SANS Institute @fykim Outline Catch the Culture Shape the Strategy Build the Business Case 2 #1 Catch

More information

Emerging Issues: Cybersecurity. Directors College 2015

Emerging Issues: Cybersecurity. Directors College 2015 Emerging Issues: Cybersecurity Directors College 2015 Agenda/Objectives Define Cybersecurity Cyber Fraud Trends/Incidents FFIEC Cybersecurity awareness initiatives Community Bank expectations FFIEC Cybersecurity

More information

Building a Threat Intelligence Program

Building a Threat Intelligence Program WHITE PAPER Building a Threat Intelligence Program Research findings on best practices and impact www. Building a Threat Intelligence Program 2 Methodology FIELD DATES: March 30th - April 4th 2018 351

More information

How NSFOCUS Protected the G20 Summit. Guy Rosefelt on the Strategy, Staff and Tools Needed to Ensure Cybersecurity

How NSFOCUS Protected the G20 Summit. Guy Rosefelt on the Strategy, Staff and Tools Needed to Ensure Cybersecurity How NSFOCUS Protected the G20 Summit Guy Rosefelt on the Strategy, Staff and Tools Needed to Ensure Cybersecurity SPONSORED BY Rosefelt is responsible for developing NSFOCUS threat intelligence and web

More information

ICBA Summary of FFIEC Cybersecurity Assessment Tool (May 2017 Update)

ICBA Summary of FFIEC Cybersecurity Assessment Tool (May 2017 Update) ICBA Summary of FFIEC Cybersecurity Assessment Tool (May 2017 Update) June 2017 INSERT YEAR HERE Contact Information: Jeremy Dalpiaz AVP, Cyber and Data Security Policy Jeremy.Dalpiaz@icba.org ICBA Summary

More information

PEOPLE CENTRIC SECURITY THE NEW

PEOPLE CENTRIC SECURITY THE NEW PEOPLE CENTRIC SECURITY THE NEW PARADIGM IN CYBERSECURITY David Karlsson SE Nordics March 2018 1 2018 Proofpoint, Inc. Proofpoint at a Glance LEADING CUSTOMERS DEEP SECURITY DNA UNIQUE VISIBILITY PARTNERS

More information

Industrial Control System Cyber Security

Industrial Control System Cyber Security Industrial Control System Cyber Security Disaster Recovery Information Exchange Bruce Tyson June 28, 2017 Lunch and Learn Introduction Bruce Tyson is a certified engineering technologist (CET Telecommunications

More information

Gujarat Forensic Sciences University

Gujarat Forensic Sciences University Gujarat Forensic Sciences University Knowledge Wisdom Fulfilment Cyber Security Consulting Services Secure Software Engineering Infrastructure Security Digital Forensics SDLC Assurance Review & Threat

More information

ISACA GEEK WEEK SECURITY MANAGEMENT TO ENTERPRISE RISK MANAGEMENT USING THE ISO FRAMEWORK AUGUST 19, 2015

ISACA GEEK WEEK SECURITY MANAGEMENT TO ENTERPRISE RISK MANAGEMENT USING THE ISO FRAMEWORK AUGUST 19, 2015 ISACA GEEK WEEK SECURITY MANAGEMENT TO ENTERPRISE RISK MANAGEMENT USING THE ISO 27001 FRAMEWORK AUGUST 19, 2015 Agenda Coalfire Overview Threat Landscape What is ISO Why ISO ISO Cycle Q&A 2 Presenters

More information

Must Have Items for Your Cybersecurity or IT Budget in 2018

Must Have Items for Your Cybersecurity or IT Budget in 2018 Must Have Items for Your Cybersecurity or IT Budget in 2018 CBAO Regional Meeting Dan Desko (Senior Manager, IT Risk Advisory) Matt Dunn (Senior Security Analyst, IT Risk Advisory) Who is Schneider Downs?

More information

Evolution of Spear Phishing. White Paper

Evolution of Spear Phishing. White Paper Evolution of Spear Phishing White Paper Executive Summary Phishing is a well-known security threat, but few people understand the difference between phishing and spear phishing. Spear phishing is the latest

More information

Interpreting the FFIEC Cybersecurity Assessment Tool

Interpreting the FFIEC Cybersecurity Assessment Tool Interpreting the FFIEC Cybersecurity Assessment Tool Wayne H. Trout, CISA, CRISC, CBCA, CBRA, CBRITP NCUA Supervisor, Critical Infrastructure and Cybersecurity What We ll Cover Cyber risk management Cybersecurity

More information

Fundamentals of Cybersecurity Controls Thursday, February 11 10:00 a.m. 11:00 a.m.

Fundamentals of Cybersecurity Controls Thursday, February 11 10:00 a.m. 11:00 a.m. Fundamentals of Cybersecurity Controls Thursday, February 11 10:00 a.m. 11:00 a.m. The frequency and sophistication of cyber-attacks are increasing, and it is imperative to have fundamental controls in

More information

Cybersecurity Panel: Cutting through Cybersecurity Hype with Practical Tips to Protect your Bank

Cybersecurity Panel: Cutting through Cybersecurity Hype with Practical Tips to Protect your Bank Cybersecurity Panel: Cutting through Cybersecurity Hype with Practical Tips to Protect your Bank NJ Bankers Association Annual Convention May 19, 2017 Presented by: Jeremy Burris, Principal, S.R. Snodgrass,

More information

Ben Eu. Summary. Experience. Associate Partner, Infrastructure & Endpoint Security at IBM

Ben Eu. Summary. Experience. Associate Partner, Infrastructure & Endpoint Security at IBM Ben Eu Associate Partner, Infrastructure & Endpoint Security at IBM Summary Ben Eu is currently an Associate Partner at IBM Security Services, North America. As an experienced information security executive

More information

Les joies et les peines de la transformation numérique

Les joies et les peines de la transformation numérique Les joies et les peines de la transformation numérique Georges Ataya CISA, CGEIT, CISA, CISSP, MSCS, PBA Professor, Solvay Brussels School of Economics and Management Academic Director, IT Management Education

More information

Troubleshooting and Cyber Protection Josh Wheeler

Troubleshooting and Cyber Protection Josh Wheeler May 4, 2016 Troubleshooting and Cyber Protection Josh Wheeler Network Security Network Security Risks Video Network Security Risks Article Network Security Risks Data stealing or disruption of network

More information

Cybersecurity is a Journey and Not a Destination: Developing a risk management culture in your business. Thursday, May 21, 2015

Cybersecurity is a Journey and Not a Destination: Developing a risk management culture in your business. Thursday, May 21, 2015 Cybersecurity is a Journey and Not a Destination: Developing a risk management culture in your business. Thursday, May 21, 2015 Cybersecurity is a Journey and Not a Destination: Developing a risk management

More information

112 th Annual Conference May 6-9, 2018 St. Louis, Missouri

112 th Annual Conference May 6-9, 2018 St. Louis, Missouri 8:30 10:30 May 6, 2018 Room 240 Complex 112 th Annual Conference May 6-9, 2018 St. Louis, Missouri Moderator/Speakers: Kevin Wachtel Finance Director/Treasurer, Villa Park, IL Alex Brown Senior Manager,

More information

5 Trends That Will Impact Your IT Planning in Layered Security. Executive Brief

5 Trends That Will Impact Your IT Planning in Layered Security. Executive Brief 5 Trends That Will Impact Your IT Planning in 2012 Layered Security Executive Brief a QuinStreet Excutive Brief. 2011 Layered Security Many of the IT trends that your organization will tackle in 2012 aren

More information

NERC Staff Organization Chart Budget 2018

NERC Staff Organization Chart Budget 2018 NERC Staff Organization Chart Budget 2018 President and CEO Associate Director to the Office of the CEO Senior Vice President and Chief Reliability Senior Vice President, General Counsel and Corporate

More information

Tackling Cybersecurity with Data Analytics. Identifying and combatting cyber fraud

Tackling Cybersecurity with Data Analytics. Identifying and combatting cyber fraud Tackling Cybersecurity with Data Analytics Identifying and combatting cyber fraud San Antonio IIA iheartaudit Conference February 24, 2017 What We ll Cover + Current threat landscape + Common security

More information

Cyber Security Risk Management and Identity Theft

Cyber Security Risk Management and Identity Theft Cyber Security Risk Management and Identity Theft 2017 MD SHRM State Conference Presented by Robert Bob Olsen, Chief Executive Officer MS ITS, MBA, CISSP, CISM October 16, 2017 This presentation may not

More information

NERC Staff Organization Chart Budget 2019

NERC Staff Organization Chart Budget 2019 NERC Staff Organization Chart Budget 2019 President and CEO Associate Director to the Office of the CEO Senior Vice President and Chief Reliability Senior Vice President, General Counsel and Corporate

More information

Cybersecurity A Regulatory Perspective Sara Nielsen IT Manager Federal Reserve Bank of Kansas City

Cybersecurity A Regulatory Perspective Sara Nielsen IT Manager Federal Reserve Bank of Kansas City 1 Cybersecurity A Regulatory Perspective Sara Nielsen IT Manager Federal Reserve Bank of Kansas City The opinions expressed are those of the presenters and are not those of the Federal Reserve Banks, the

More information

BUILDING AN EFFECTIVE PROGRAM TO PROTECT AGAINST FRAUD

BUILDING AN EFFECTIVE PROGRAM TO PROTECT AGAINST  FRAUD BUILDING AN EFFECTIVE PROGRAM TO PROTECT AGAINST EMAIL FRAUD Navindra Ramnauth CISSP Principal Sales Engineer 1 2017 Proofpoint, Inc. Proofpoint at a Glance LEADING CUSTOMERS DEEP SECURITY DNA UNIQUE VISIBILITY

More information

Cyber-Threats and Countermeasures in Financial Sector

Cyber-Threats and Countermeasures in Financial Sector Michael Mavroforakis, PhD Group CISO & CDO SEV: Workshop on Digital Enablers (Cloud & Cybersecurity) 27th March 2018 Agenda: CYBERSECURITY Potential Targets Attack Examples Insider vs Outsider Threats

More information

CISO View: Top 4 Major Imperatives for Enterprise Defense

CISO View: Top 4 Major Imperatives for Enterprise Defense CISO View: Top 4 Major Imperatives for Enterprise Defense James Christiansen Chief Information Security Officer Evantix, Inc. Gary Terrell CIPP Chief Information Security Officer Adobe Session ID: Star

More information

The Widening Talent Gap: The greatest security challenge of our time

The Widening Talent Gap: The greatest security challenge of our time INFORMATION SECURITY The Widening Talent Gap: The greatest security challenge of our time Presented by: Experis Information Security Practice Thursday, April 14, 2016 General Information Share the webinar

More information

FDIC InTREx What Documentation Are You Expected to Have?

FDIC InTREx What Documentation Are You Expected to Have? FDIC InTREx What Documentation Are You Expected to Have? Written by: Jon Waldman, CISA, CRISC Co-founder and Executive Vice President, IS Consulting - SBS CyberSecurity, LLC Since the FDIC rolled-out the

More information

What can we lose not implementing proper security in our IT environment? Aleksandar Pavlovic Security Account Manager Cisco

What can we lose not implementing proper security in our IT environment? Aleksandar Pavlovic Security Account Manager Cisco What can we lose not implementing proper security in our IT environment? Aleksandar Pavlovic Security Account Manager Cisco Increasing Digital Traffic Creates a Greater Attack Surface Global IP Traffic

More information

NERC Staff Organization Chart Budget 2019

NERC Staff Organization Chart Budget 2019 NERC Staff Organization Chart Budget 2019 President and CEO Associate Director to the Office of the CEO Senior Vice President and Chief Reliability Officer Senior Vice President, General Counsel and Corporate

More information

Strengthening your fraud and cyber-crime protection controls. March 2017

Strengthening your fraud and cyber-crime protection controls. March 2017 Strengthening your fraud and cyber-crime protection controls March 2017 Audience question: What is your role within your institution? a) Payment operations / cash management / treasury services b) Compliance

More information

You ve Been Hacked Now What? Incident Response Tabletop Exercise

You ve Been Hacked Now What? Incident Response Tabletop Exercise You ve Been Hacked Now What? Incident Response Tabletop Exercise Date or subtitle Jeff Olejnik, Director Cybersecurity Services 1 Agenda Incident Response Planning Mock Tabletop Exercise Exercise Tips

More information

Texas Department of Banking United States Secret Service January 25, 2012

Texas Department of Banking United States Secret Service January 25, 2012 Texas Department of Banking United States Secret Service January 25, 2012 Presented by: Texas Department of Banking Banking Commissioner Charles G. Cooper Deputy Commissioner Bob Bacon Chief IT Security

More information

Combating Cyber Risk in the Supply Chain

Combating Cyber Risk in the Supply Chain SESSION ID: CIN-W10 Combating Cyber Risk in the Supply Chain Ashok Sankar Senior Director Cyber Strategy Raytheon Websense @ashoksankar Introduction The velocity of data breaches is accelerating at an

More information

Cybersecurity Risk Mitigation: Protect Your Member Data. Introduction

Cybersecurity Risk Mitigation: Protect Your Member Data. Introduction Cybersecurity Risk Mitigation: Protect Your Member Data Presented by Matt Mitchell, CISSP Knowledge Consulting Group Introduction Matt Mitchell- Director Risk Assurance 17 years information security experience

More information

Managing Cyber Risk. Robert Entin Executive Vice President Chief Information Officer Vornado Realty Trust

Managing Cyber Risk. Robert Entin Executive Vice President Chief Information Officer Vornado Realty Trust Managing Cyber Risk Robert Entin Executive Vice President Chief Information Officer Vornado Realty Trust Adam Thomas Principal Cyber Risk Services Deloitte & Touche LLP Give Us Your Feedback for this Session!

More information

Cybersecurity Conference Presentation North Bay Business Journal. September 27, 2016

Cybersecurity Conference Presentation North Bay Business Journal. September 27, 2016 Cybersecurity Conference Presentation North Bay Business Journal September 27, 2016 1 PRESENTER Francis Tam, CPA, CISM, CISA, CITP, CRISC, PCI QSA Partner Information Security and Infrastructure Practice

More information

Cybersecurity. Overview. Define Cyber Security Importance of Cyber Security 2017 Cyber Trends Top 10 Cyber Security Controls

Cybersecurity. Overview. Define Cyber Security Importance of Cyber Security 2017 Cyber Trends Top 10 Cyber Security Controls Cybersecurity Hospitality Finance and Technology Professionals June 27, 2017 Presented by: Harvey Johnson, CPA Partner Overview Define Cyber Security Importance of Cyber Security 2017 Cyber Trends 1 About

More information

with Advanced Protection

with Advanced  Protection with Advanced Email Protection OVERVIEW Today s sophisticated threats are changing. They re multiplying. They re morphing into new variants. And they re targeting people, not just technology. As organizations

More information

IT SECURITY OFFICER. Department: Information Technology. Pay Range: Professional 18

IT SECURITY OFFICER. Department: Information Technology. Pay Range: Professional 18 Pierce County Classification Description IT SECURITY OFFICER Department: Information Technology Job Class #: 634900 Pay Range: Professional 18 FLSA: Exempt Represented: No Classification descriptions are

More information

Fraud and Social Engineering in Community Banks

Fraud and Social Engineering in Community Banks Fraud and Social Engineering in Community Banks Information Security Trends and Strategies October 2, 2010 1 Our perspective LarsonAllen Started in 1953 with a goal of total client service Today, industry

More information

Key Findings from the Global State of Information Security Survey 2017 Indonesian Insights

Key Findings from the Global State of Information Security Survey 2017 Indonesian Insights www.pwc.com/id Key Findings from the State of Information Security Survey 2017 n Insights Key Findings from the State of Information Security Survey 2017 n Insights By now, the numbers have become numbing.

More information

Sizzle or Fizzle: Is Threat Intelligence Really Worth My Time?

Sizzle or Fizzle: Is Threat Intelligence Really Worth My Time? SESSION ID: AIR T09F Sizzle or Fizzle: Is Threat Intelligence Really Worth My Time? MODERATOR: Dr. Anton Chuvakin Research Vice President at Gartner @anton_chuvakin PANELISTS: Brian Engle Executive Director

More information

Welcome to the CyberSecure My Business Webinar Series We will begin promptly at 2pm EDT All speakers will be muted until that time

Welcome to the CyberSecure My Business Webinar Series We will begin promptly at 2pm EDT All speakers will be muted until that time TM Plan. Protect. Respond. Welcome to the CyberSecure My Business Webinar Series We will begin promptly at 2pm EDT All speakers will be muted until that time Registration is open for the April webinar:

More information

2018 HIPAA One All Rights Reserved. Beyond HIPAA Compliance to Certification

2018 HIPAA One All Rights Reserved. Beyond HIPAA Compliance to Certification 2018 HIPAA One All Rights Reserved. Beyond HIPAA Compliance to Certification Presenters Jared Hamilton CISSP CCSK, CCSFP, MCSE:S Healthcare Cybersecurity Leader, Crowe Horwath Erika Del Giudice CISA, CRISC,

More information

GEORGIA CYBERSECURITY WORKFORCE ACADEMY. NASCIO 2018 State IT Recognition Awards

GEORGIA CYBERSECURITY WORKFORCE ACADEMY. NASCIO 2018 State IT Recognition Awards GEORGIA CYBERSECURITY WORKFORCE ACADEMY NASCIO 2018 State IT Recognition Awards Title: Georgia Cybersecurity Workforce Academy Category: Cybersecurity State: Georgia Contact: Stanton Gatewood Stan.Gatewood@gta.ga.gov

More information

Standing Together for Financial Industry Resilience Quantum Dawn 3 After-Action Report. November 19, 2015

Standing Together for Financial Industry Resilience Quantum Dawn 3 After-Action Report. November 19, 2015 Standing Together for Financial Industry Resilience Quantum Dawn 3 After-Action Report November 19, 2015 Table of contents Background Exercise objectives Quantum Dawn 3 (QD3) cyberattack scenario QD3 results

More information

From Russia With Love

From Russia With Love #ARDAWorld From Russia With Love Is your technology vulnerable to data theft? Do you know your own security protocols? Learn about auditing cyber-security processes and discover how to stay compliant and

More information

Cybersecurity Fundamentals Paul Jones CIO Clerk & Comptroller Palm Beach County CISSP, ITIL Expert, Security+, Project+

Cybersecurity Fundamentals Paul Jones CIO Clerk & Comptroller Palm Beach County CISSP, ITIL Expert, Security+, Project+ Cybersecurity Fundamentals Paul Jones CIO Clerk & Comptroller Palm Beach County CISSP, ITIL Expert, Security+, Project+ NOT SO LONG AGO 1981 IS IT FUNNY OR WHAT? THE BALANCING ACT Ease of Use Maintenance

More information

CYBER SOLUTIONS & THREAT INTELLIGENCE

CYBER SOLUTIONS & THREAT INTELLIGENCE CYBER SOLUTIONS & THREAT INTELLIGENCE STRENGTHEN YOUR DEFENSE DarkTower is a global advisory firm focused on security for some of the world s leading organizations. Our security services, along with real-world

More information

IBM Global Technology Services Provide around-the-clock expertise and protect against Internet threats.

IBM Global Technology Services Provide around-the-clock expertise and protect against Internet threats. IBM Global Technology Services Provide around-the-clock expertise and protect against Internet threats. Enhancing cost to serve and pricing maturity Keeping up with quickly evolving ` Internet threats

More information

Art of Performing Risk Assessments

Art of Performing Risk Assessments Clinical Practice Compliance Conference Art of Performing Risk Assessments October 2016 Ali Pabrai, MSEE, CISSP (ISSAP, ISSMP) Member FBI InfraGard AGENDA Cyber Risk = Disruptive Business Risk Breaches:

More information

New Zealand National Cyber Security Centre Incident Summary

New Zealand National Cyber Security Centre Incident Summary New Zealand National Cyber Security Centre 2013 Incident Summary National Cyber Security Centre 2013 Incident Summary Foreword The incidents summarised in this report reinforce that cyber security is truly

More information

Qualification Examination Program Restructure and Regulatory Continuing Education (CE) Program Changes Tuesday, October 9 1:00 p.m. 2:00 p.m.

Qualification Examination Program Restructure and Regulatory Continuing Education (CE) Program Changes Tuesday, October 9 1:00 p.m. 2:00 p.m. Qualification Examination Program Restructure and Regulatory Continuing Education (CE) Program Changes Tuesday, October 9 1:00 p.m. 2:00 p.m. This session provides guidance on FINRA s exam restructuring

More information

Uncovering the Risk of SAP Cyber Breaches

Uncovering the Risk of SAP Cyber Breaches Uncovering the Risk of SAP Cyber Breaches Research sponsored by Onapsis Independently Conducted by Ponemon Institute LLC February 2016 1 Part 1. Introduction Uncovering the Risks of SAP Cyber Breaches

More information

Business continuity management and cyber resiliency

Business continuity management and cyber resiliency Baker Tilly refers to Baker Tilly Virchow Krause, LLP, an independently owned and managed member of Baker Tilly International. Business continuity management and cyber resiliency Introductions Eric Wunderlich,

More information

Question 1: What steps can organizations take to prevent incidents of cybercrime? Answer 1:

Question 1: What steps can organizations take to prevent incidents of cybercrime? Answer 1: Cybercrime Question 1: What steps can organizations take to prevent incidents of cybercrime? Answer 1: Organizations can prevent cybercrime from occurring through the proper use of personnel, resources,

More information

Changing the Game: An HPR Approach to Cyber CRM007

Changing the Game: An HPR Approach to Cyber CRM007 Speakers: Changing the Game: An HPR Approach to Cyber CRM007 Michal Gnatek, Senior Vice President, Marsh & McLennan Karen Miller, Sr. Treasury & Risk Manager, FireEye, Inc. Learning Objectives At the end

More information

Office 365 Buyers Guide: Best Practices for Securing Office 365

Office 365 Buyers Guide: Best Practices for Securing Office 365 Office 365 Buyers Guide: Best Practices for Securing Office 365 Microsoft Office 365 has become the standard productivity platform for the majority of organizations, large and small, around the world.

More information

SPECIALIST CYBER SECURITY SERVICES & CYBER VULNERABILITY HEALTH CHECK FOR SMALLER COMPANIES

SPECIALIST CYBER SECURITY SERVICES & CYBER VULNERABILITY HEALTH CHECK FOR SMALLER COMPANIES SPECIALIST CYBER SECURITY SERVICES & CYBER VULNERABILITY HEALTH CHECK FOR SMALLER COMPANIES Dear Executive, you requested more information, here are three quick questions Would you know if your company

More information

BHConsulting. Your trusted cybersecurity partner

BHConsulting. Your trusted cybersecurity partner Your trusted cybersecurity partner BH Consulting Securing your business BH Consulting is an award-winning, independent provider of cybersecurity consulting and information security advisory services. Recognised

More information

The Honest Advantage

The Honest Advantage The Honest Advantage READY TO CHALLENGE THE STATUS QUO GSA Security Policy and PCI Guidelines The GreenStar Alliance 2017 2017 GreenStar Alliance All Rights Reserved Table of Contents Table of Contents

More information

Cybercrime and Information Security for Financial Institutions. AUSA Jared M. Strauss U.S. Attorney s Office So. District of Florida

Cybercrime and Information Security for Financial Institutions. AUSA Jared M. Strauss U.S. Attorney s Office So. District of Florida Cybercrime and Information Security for Financial Institutions AUSA Jared M. Strauss U.S. Attorney s Office So. District of Florida Defining Cybercrime Stealing and Monetizing Financial and Identity Data

More information

How do you track devices that have been approved for use? Are you automatically alerted if an unapproved device connects to the network?

How do you track devices that have been approved for use? Are you automatically alerted if an unapproved device connects to the network? Cybersecurity Due Diligence Checklist Control # Control Name Risks Questions for IT 1 Make an Benign Case: Employees Inventory of using unapproved Authorized devices without Devices appropriate security

More information

NEW YORK CYBERSECURITY REGULATION COMPLIANCE GUIDE

NEW YORK CYBERSECURITY REGULATION COMPLIANCE GUIDE COMPLIANCE ADVISOR NEW YORK CYBERSECURITY REGULATION COMPLIANCE GUIDE A PUBLICATION BY THE EXCESS LINE ASSOCIATION OF NEW YORK One Exchange Plaza 55 Broadway 29th Floor New York, New York 10006-3728 Telephone:

More information

Addressing Vulnerabilities By Integrating Your Incident Response Plans. Brian Coates Enaxis Consulting

Addressing Vulnerabilities By Integrating Your Incident Response Plans. Brian Coates Enaxis Consulting Addressing Vulnerabilities By Integrating Your Incident Response Plans Brian Coates Enaxis Consulting Contents Enaxis Introduction Presenter Bio: Brian Coates Incident Response / Incident Management in

More information

Cybersecurity, the Challenges Healthcare Faces AUGUST 17, 2018 BUILDING LEADERS TRANSFORMING HOSPITALS IMPROVING CARE HTS3 2018

Cybersecurity, the Challenges Healthcare Faces AUGUST 17, 2018 BUILDING LEADERS TRANSFORMING HOSPITALS IMPROVING CARE HTS3 2018 Cybersecurity, the Challenges Healthcare Faces AUGUST 17, 2018 BUILDING LEADERS TRANSFORMING HOSPITALS IMPROVING CARE 45 YEARS OF DELIVERING RESULTS 2 2 2 HealthTechS3 is a 45 year old, award-winning healthcare

More information

Cyber Attack: Is Your Business at Risk?

Cyber Attack: Is Your Business at Risk? 15 July 2017 Cyber Attack: Is Your Business at Risk? Stanley Wong Regional Head of Financial Lines, Asia Pacific Agenda Some common misconceptions by SMEs around cyber protection Cyber Claims and Industry

More information

Department of Management Services REQUEST FOR INFORMATION

Department of Management Services REQUEST FOR INFORMATION RESPONSE TO Department of Management Services REQUEST FOR INFORMATION Cyber-Security Assessment, Remediation, and Identity Protection, Monitoring, and Restoration Services September 3, 2015 250 South President

More information

NCUA IT Exam Focus. By Tom Schauer, Principal CliftonLarsonAllen

NCUA IT Exam Focus. By Tom Schauer, Principal CliftonLarsonAllen NCUA IT Exam Focus By Tom Schauer, Principal CliftonLarsonAllen My Background and Experience Computer Science Degree - Puget Sound Information Security Professional for 30 years Consultant: Ernst & Young,

More information

Taking a Business Risk Portfolio (BRP) Approach to Information Security

Taking a Business Risk Portfolio (BRP) Approach to Information Security SESSION ID: GRC-F03 Taking a Business Risk Portfolio (BRP) Approach to Information Security Johna Till Johnson CEO and Founder Nemertes Research @johnatilljohnso - @nemertes Executive View of InfoSec ca.

More information

CYBERSECURITY AND THE MIDDLE MARKET

CYBERSECURITY AND THE MIDDLE MARKET CYBERSECURITY AND THE MIDDLE MARKET The Importance of Cybersecurity and How Middle Market Companies Manage Cyber Risks IN COLLABORATION WITH 2 Concerns about cybersecurity are not matched by plans. IMPORTANCE

More information